Fastadmin remote code execution 0day vulnerability (no number)

I. overview of vulnerabilities

On September 22, 2020, the vulnerability of fastadmin remote execution center will be exposed. You can upload specific files directly to getshell. Up to now, the vulnerability has not been officially repaired. Chuangyu reminds fastadmin users to take security measures as soon as possible to prevent hackers from exploiting the vulnerability.

II. Affected version

V1. 0.0.20180911_ beta-V1. 0.0.20200506_ beta

III. recurrence process


IV. scope of influence

According to zoomeye cyberspace search engine, the keyword "fastadmin" was searched, and a total of 5961 IP history records were obtained, which are concentrated in China.

V. repair suggestions

It is recommended that affected users refer to the guidelines on the official website and upgrade fastadmin to the latest beta version (v1.0.0.20200920_beta)


Six timeline

Fastadmin Remote Code Execution Vulnerability exposure time: September 22, 2020

Know the time when Chuangyu released vulnerability Intelligence: September 24, 2020

VII. Related links

Zoomeye cyberspace search engine:

hot news