|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-07-02 | |
| Rule Name: | Yonyou U8 operaFileActionController.jsp Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Yonyou OA is an enterprise office automation software, which can help enterprises realize electronic office, and provide a collaborative office portal and management platform for enterprises and institutions. Yonyou U8 OA has an arbitrary file overwrite write vulnerability. An attacker can overwrite the files that exist in the system and then control the server. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |