{"id":8866,"date":"2025-07-24T08:39:24","date_gmt":"2025-07-24T08:39:24","guid":{"rendered":"http:\/\/localhost\/?p=8866"},"modified":"2025-07-24T08:39:24","modified_gmt":"2025-07-24T08:39:24","slug":"arbitrary-file-upload-in-smg-softwares-information-portal","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=8866","title":{"rendered":"Arbitrary File Upload in SMG Software’s Information Portal"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nArbitrary File Upload in SMG Software’s Information Portal<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2025-07-24T12:45:22.450Z<\/td>\n<\/tr>\n
Modified<\/th>\n2025-07-24T13:36:01.931Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nSMG Software<\/td>\n<\/tr>\n
Product<\/th>\nInformation Portal<\/td>\n<\/tr>\n
Version<\/th>\n0<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n10.0 (CRITICAL)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:C\/C:H\/I:H\/A:H<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nThis vulnerability allows attackers to upload malicious files and execute arbitrary OS commands, potentially leading to code injection and web shell deployment. It affects versions of the Information Portal before 13.06.2025.<\/td>\n<\/tr>\n
AI Severity<\/th>\nCritical<\/td>\n<\/tr>\n
AI Vendor<\/th>\nSMG Software<\/td>\n<\/tr>\n
AI Product<\/th>\nInformation Portal<\/td>\n<\/tr>\n
AI Version<\/th>\nBefore 13.06.2025<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n