This is a writeup describing an authenticated file upload vulnerability in GOautodial 4.0, allowing an agent to upload a webshell via a message attachment. The writeup provides steps to exploit the vulnerability but does not include actual exploit code.
Classification
Writeup 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target:GOautodial 4.0
Auth required
Prerequisites:Authenticated access as an agent · Ability to send messages to the goadmin user