CVE-2026-6105 | perfree go-fastdfs-web up to 1.3.7 doInstall Interface InstallController.java improper authorization (IGB6M9)

A vulnerability was found in perfree go-fastdfs-web up to 1.3.7. It has been classified as critical. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization.

This vulnerability is listed as CVE-2026-6105. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-6105 | perfree go-fastdfs-web up to 1.3.7 doInstall Interface InstallController.java improper authorization (IGB6M9)

Post correlati

CVE-2025-13560 | SourceCodester Company Website CMS 1.0 reset-password.php email sql injection

CVE-2024-51569 | Apache NimBLE up to 1.7.0 HCI Event Parser out-of-bounds

CVE-2023-6298 | Apryse iText 8.0.2 PdfDocument.java main array index

CVE-2026-4188 | D-Link DIR-619L 2.06B01 boa /goform/formSchedule curTime stack-based overflow