CRITICAL🇵🇱 Wersja polska

CVE-2026-1331

CVSS 9.3v4.0pub. 2026-01-22upd. 2026-02-17

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Hamastar Meetinghub Paperless Meetings

    APP
    Hamastar
    < 2025-12-10
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2024-6117CRITICAL9.3PL ✓ten sam produkt

Nieograniczony upload plików w Hamastar MeetingHub — zdalne wykonanie poleceń

CVE-2024-6118CRITICAL9.3PL ✓ten sam produkt

Hamastar MeetingHub: hasła przechowywane w postaci jawnej w plikach XML

CVE-2026-1330HIGH8.7ten sam produkt

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated...

CVE-2026-1332MEDIUM6.9ten sam produkt

MeetingHub developed by HAMASTAR Technology has a Missing Authentication vulnerability, allowing unauthenticat...