Security Advisory

CVE-2021-34129

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-15 14:05:18

Last updated 2024-08-04 00:05:52

Assigner mitre

State PUBLISHED

Description

LaikeTui 3.5.0 allows remote authenticated users to delete arbitrary files, as demonstrated by deleting install.lock in order to reinstall the product in an attacker-controlled manner. This deletion is possible via directory traversal in the uploadImg, oldpic, or imgurl parameter.

← Browse all CVEs View on cve.org ↗