|
|
|||
| Rule General Information |
|---|
| Release Date: | 2021-06-01 | |
| Rule Name: | Tongda OA upload.php Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Tongda OA is a set of collaborative office automation software independently developed by Beijing Tongda Xinke Technology Co., LTD. The OA module/upload/upload.php page of Tongda has arbitrary file upload vulnerability, which is due to inadequate verification of uploaded files, allowing attackers to upload malicious files to the server of the application. Then execute malicious code, and finally obtain server permissions. | |
| Impact: | An attacker could exploit this vulnerability to upload arbitrary file. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |