Security Advisory

CVE-2021-44164

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-12-20 03:10:24

Last updated 2024-09-16 18:59:15

Assigner twcert

State PUBLISHED

Description

Chain Sea ai chatbot system’s file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to by-pass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of the system or terminate service.

← Browse all CVEs View on cve.org ↗