CVE-2021-44159

4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack...

CVE-2021-44159 4MOSAn GCB Doctor - Unrestricted Upload of File

4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack...

CVE-2021-44159

CVE-2021-44159 concerns 4MOSAn GCB Doctor’s file upload function, where improper user privilege control allows an unauthenticated remote attacker to upload arbitrary files (including webshells) and potentially execute code, enabling arbitrary system operations or a denial of service. The vulnerab...

Authentication flaw

4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files...

CVE-2021-42338

The CVE-2021-42338 entry concerns 4MOSAn GCB Doctor’s login page, where improper validation of a cookie allows an unauthenticated remote attacker to bypass authentication via code injection in the cookie and to arbitrarily manipulate the system or disrupt services by uploading and executing arbit...

CVE-2021-42338 4MOSAn GCB Doctor - Improper Authorization

4MOSAn GCB Doctor’s login page has improper validation of Cookie, which allows an unauthenticated remote attacker to bypass authentication by code injection in cookie, and arbitrarily manipulate the system or interrupt services by upload and execution of arbitrary files...