关键漏洞信息 Vulnerability ID: VDB-249368, CVE-2023-7181, GCVE-100-249368 Vendor and Product: Muyun DeDeBIZ up to 6.2.12 Component Affected: Add Attachment Handler Vulnerability Type: Unrestricted Upload (CWE-434) Severity: Critical Disclosure Date: 12/29/2023 Summary A critical vulnerability was found in Muyun DeDeBIZ up to 6.2.12, affecting an unknown function of the Add Attachment Handler. It leads to an unrestricted upload, allowing attackers to upload or transfer dangerous file types. Details CVE: CVE-2023-7181 MITRE ATT&CK Technique: T1608.002 Exploit Available: Proof-of-concept on GitHub Potential Impact: Confidentiality, integrity, and availability Vendor Response: No response Countermeasures Replace the affected object with an alternative product.