N/A

In MiniShare before 1.4.2, there is a stack-based buffer overflow via an HTTP PUT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19861, CVE-2018-19862, and CVE-2019-17601. NOTE: this product is discontinued.

N/A

N/A

MiniShare 缓冲区错误漏洞

MiniShare是一款主要用于文件共享的Web服务器。 MiniShare 1.4.2之前版本中存在缓冲区错误漏洞，该漏洞源于程序没有进行正确的边界检查。远程攻击者可通过发送特制的HTTP PUT请求利用该漏洞在系统上执行任意代码。

N/A

N/A