Magento PolyShell – Unauthenticated File Upload to RCE in Magento (APSB25-94)

The post references a security vulnerability in Magento, identified as APSB25-94, which allows unauthenticated attackers to upload files. This flaw can lead to remote code execution (RCE) on affected systems. The issue is detailed in an external research report titled "Magento PolyShell."