|Category:||Access Control Error|
Published on 24/02/13 - Updated on 26/02/13
BigAntSoft BigAnt IM Message Server does not require authentication for file uploading, which allows remote attackers to create arbitrary files under AntServer\DocData\Public via unspecified vectors.
CWE-287 (Authentication Issues)
When an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.