Impact
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.
Patches
Users of version 5.2 should upgrade to version 5.3 when available.
Workarounds
Users of version 5.2 should upgrade to version 5.3 when available.
References
Notice: It just occurs by the supper administrator!
The common administrator is Not affected。
For more information
If you have any questions or comments about this advisory:
Open an issue in #4
Credits
leommxj from Chaitin Security Research Lab
Impact
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.
Patches
Users of version 5.2 should upgrade to version 5.3 when available.
Workarounds
Users of version 5.2 should upgrade to version 5.3 when available.
References
Notice: It just occurs by the supper administrator!
The common administrator is Not affected。
For more information
If you have any questions or comments about this advisory:
Open an issue in #4
Credits
leommxj from Chaitin Security Research Lab