CVE-2022-43192 An upload control component of Dedecms v5.7.101 is vulnerable to an arbitrary code execution attack.

CVE-2022-43192 An upload control component of Dedecms v5.7.101 is vulnerable to an arbitrary code execution attack.

A stack-based buffer overflow exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2023-40884.

A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2024-40885.

A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2025-40890.

A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2026-40895.

A remote code execution vulnerability exists in the component /dede/file_manage_control.php of Dedecms v5.7.101, which allows remote attackers to execute arbitrary

Deduplication: Not vulnerable

Dedecms v5.7.101 is not vulnerable to CVE-2022-43192, the stack-based buffer overflow vulnerability because of a lack of a stack buffer in the component /dede/file_manage_control.php.

Dedecms v5.7.101 is not vulnerable to CVE-2023-40884, the incomplete fix for CVE-2023-40884 that is related to a remote code execution vulnerability because there's no stack buffer in the component /dede/file_manage_control.php.

Dedecms v5.7.101 is not vulnerable to CVE-2024-40885, the incomplete fix for CVE-2024-40885 that is related to a remote code execution vulnerability because there's no stack buffer in the component /dede/file_manage_control.php.

Dedecms v5.7.101 is not vulnerable to CVE-2025-40890, the incomplete fix for CVE-2025-40890 that is related to a remote code execution vulnerability because there's no stack buffer in the component /dede/file_manage_control.php and because it doesn't use PHP functions strcpy or strncpy (which are affected by this particular issue)
Dedecms v5.7.101 is not vulnerable to CVE-2026-40895, the

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe