|
|
|||
| Rule General Information |
|---|
| Release Date: | 2022-08-04 | |
| Rule Name: | Yonyou KSOA Software File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Yonyou KSOA is a new generation product developed under the guidance of SOA concept. The Yonyou KSOA platform ImageUpload interface has arbitrary file upload vulnerability, which is due to inadequate verification of uploaded files, allowing attackers to upload malicious files to the application server and then execute malicious code. Finally get server permissions. | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |