Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-73V2-RXQP-7Q4F
HistoryMar 29, 2024 - 6:30 p.m.

aliyundrive-webdav vulnerable to Command Injection

2024-03-2918:30:42
Google
osv.dev
10
aliyundrive-webdav remote attacker arbitrary code crafted payload action_query_qrcode software

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

17.1%

JSON

An issue in aliyundrive-webdav v.2.3.3 and before allows a remote attacker to execute arbitrary code via a crafted payload to the sid parameter in the action_query_qrcode component.

Related

veracode 1
cvelist 1
cve 1
nvd 1
vulnrichment 1
github 1
veracode
veracode
Remote Code Execution (RCE)
2024-04-01 06:53:02
cvelist
cvelist
CVE-2024-29640
2024-03-29 00:00:00
cve
cve
CVE-2024-29640
2024-03-29 17:15:12
nvd
nvd
CVE-2024-29640
2024-03-29 17:15:12
vulnrichment
vulnrichment
CVE-2024-29640
2024-03-29 00:00:00
github
github
aliyundrive-webdav vulnerable to Command Injection
2024-03-29 18:30:42

AI Score

7.8

Confidence

High

EPSS

0.001

Percentile

17.1%

JSON
Related for OSV:GHSA-73V2-RXQP-7Q4F
veracode1cvelist1cve1nvd1vulnrichment1github1