2024-10-02 00:00:00
mitre
PUBLISHED
A remote code execution vulnerability in the project management of Wanxing Technologys Yitu project which allows an attacker to use the exp.adpx file as a zip compressed file to construct a special file name, which can be used to decompress the project file into the system startup folder, restart the system, and automatically execute the constructed attack script.