An SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which allows remote download of arbitrary files on the server and remote execution of arbitrary code.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25466
Reference(s):
- http://crmeb.com
- https://github.com/crmeb/CRMEB
- https://github.com/crmeb/CRMEB/issues/22

