MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XHamastar Meetinghub Paperless Meetings
APPHamastar< 2025-12-10
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
Related vulnerabilities
CVE-2024-6117CRITICAL9.3PL ✓ten sam produkt
Nieograniczony upload plików w Hamastar MeetingHub — zdalne wykonanie poleceń
CVE-2024-6118CRITICAL9.3PL ✓ten sam produkt
Hamastar MeetingHub: hasła przechowywane w postaci jawnej w plikach XML
CVE-2026-1330HIGH8.7ten sam produkt
MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated...
CVE-2026-1332MEDIUM6.9ten sam produkt
MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticat...