### Key Information #### Vulnerability Name Pre-Login Interface Privilege Escalation Patch (autoinstall) [CNVD-2021-01627] #### Release Date February 21, 2021 #### Issues Addressed 1. Pre-login method privilege escalation issues, such as autoinstall.do.css/.../ issues; 2. Resolves privilege escalation issues for regular accounts after login; 3. Resolves Shusheng deserialization vulnerability; 4. Resolves arbitrary file upload vulnerability in formula component. #### Patch Package List | Patch Name | Compatible Versions | Download Link | |------------|---------------------|---------------| | v8.0-v8.0SP2 Pre-Login Interface Privilege Escalation Patch (autoinstall) | A6_A8_V8.0 - V8.0SP1, V8.0SP2 | [Download Patch](#) | | v7.1sp1 Pre-Login Interface Privilege Escalation Patch (autoinstall) | A6_A8_V7.1SP1 | [Download Patch](#) | | v7.0sp1-v7.1 Pre-Login Interface Privilege Escalation Patch (autoinstall) | A6_A8_V7.0SP1 - V7.0SP2 - V7.0SP3 - V7.1 | [Download Patch](#) | | v7.0 Pre-Login Interface Privilege Escalation Patch (autoinstall) | A6_A8_V7.0 | [Download Patch](#) | | v6.0-v6.1sp2 Pre-Login Interface Privilege Escalation Patch (autoinstall) | A6_A8_V6.0 - V6.0SP1 - V6.1 - V6.1SP1 - V6.1SP2 | [Download Patch](#) | | v5.1-v5.6sp1 Pre-Login Interface Privilege Escalation Patch (autoinstall) | A6_A8_V5.1 - V5.1SP1 - V5.6 - V5.6SP1 | [Download Patch](#) | | v5.0 Series Pre-Login Interface Privilege Escalation Patch (autoinstall) | A6_A8_V5.0 - V5.0SP1 - V5.0SP2 | [Download Patch](#) | #### Operation Instructions