The exploit targets a remote file upload vulnerability in Bigace 2.7.5 via an exposed FCKeditor endpoint. Attackers can upload arbitrary files by accessing the uploadtest.html connector, potentially leading to remote code execution.
Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:Bigace 2.7.5
No auth needed
Prerequisites:Access to the vulnerable FCKeditor endpoint