CVE-2026-1021

Critical CVSS: 9.3

Police Statistics Database System developed by Gotac has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attacker to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Vendor

Gotac

Product

Police Statistics Database System

CWE

CWE-434

Yayın Tarihi

2026-01-16 03:16:18

Güncelleme

2026-01-23 20:24:35

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-434 Police Statistics Database System CRITICAL Gotac 2026

Referanslar

https://www.twcert.org.tw/en/cp-139-10638-0e44b-2.html https://www.twcert.org.tw/tw/cp-132-10637-3e4b3-1.html

Benzer Kayıtlar

High

CVE-2026-1022

Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing unauthenticated remote…

High

CVE-2026-1023

Statistics Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticated remot…

High

CVE-2026-1018

Police Statistics Database System developed by Gotac has an Arbitrary File Read vulnerability, allowing Unauthenticated…

Critical

CVE-2026-1019

Police Statistics Database System developed by Gotac has a Missing Authentication vulnerability, allowing unauthenticate…

Medium

CVE-2026-1020

Police Statistics Database System developed by Gotac has a Absolute Path Traversal vulnerability, allowing unauthenticat…