描述
An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability.
AI分析AI驱动
受影响产品
wwbnavideo
14.4
参考资料
- https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213ExploitThird Party Advisory
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2213
- https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213ExploitThird Party Advisory