CVE-2021-34164 Information

Description

Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location.

Reference

https://github.com/lizhipay/faka/issues/22