RULE(RULE ID:338129)

Rule General Information
Release Date: 2024-06-18
Rule Name: Landray EIS api.aspx Interface Arbitrary File Upload Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: Landray EIS intelligent collaboration platform is an automated office OA, Landray EIS api.aspx interface has any file upload vulnerability, malicious attackers can upload malicious software, such as backdoor, Trojan horse or ransomware, to obtain remote access to the server or damage the system. This may cause security risks to the server.y
Impact: Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to update the software patch.