|
|||
Rule General Information |
---|
Release Date: | 2021-06-01 | |
Rule Name: | Landray OA Custom.jsp Arbitrary File Read Vulnerability | |
Severity: | ||
CVE ID: | ||
Rule Protection Details |
---|
Description: | Landray is a digital office service provider located in Shenzhen. The Custom.jsp page of a certain version of the OA product has an arbitrary file reading vulnerability. An unauthorized attacker can use this vulnerability to access any file on the server, including database credentials, API keys, and configuration files, so as to obtain system permissions and sensitive information. | |
Impact: | An attacker could exploit this vulnerability to get private information. | |
Affected OS: | Windows, Linux, Others | |
Reference: | ||
Solutions |
---|
Please contact the software vendor to update the software patch. |