First published: Mon Jul 31 2023(Updated: )
Remote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php.
Credit: cve@mitre.org cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Dedecms Dedecms | <=5.7.109 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-34842 is a Remote Code Execution vulnerability in DedeCMS through 5.7.109.
CVE-2023-34842 allows remote attackers to run arbitrary code via a crafted POST request to /dede/tpl.php.
CVE-2023-34842 has a severity rating of 9.8 (Critical).
To fix CVE-2023-34842, upgrade DedeCMS to version 5.7.110 or higher.
You can find more information about DedeCMS at https://www.dedecms.com/.