|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-07-30 | |
| Rule Name: | Weaver e-cology V9 uploaderOperate.jsp Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Weaver e-cology is an Office Automation (OA) software developed by Weaver Software, a Chinese company. The software aims to provide an integrated solution for internal office processes within enterprises, enhancing office efficiency and information management.Weaver e-cology V9 has a vulnerability that allows arbitrary file upload, enabling malicious attackers to upload files to the server through the uploaderOperate method and gain control over it. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Refer to the announcement or patch by the vendor: http://v10.e-office.cn/eoffice9update/safepack.zip |