RULE(RULE ID:338213)

Rule General Information
Release Date: 2024-07-02
Rule Name: H3C Campus Network Self-service System flexfileupload Arbitrary File Upload Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: H3C campus network self-service system is an integrated platform, which provides campus users with network access, account management, fault repair and other self-service functions, aiming to improve the efficiency of campus network services and user satisfaction. The H3C campus network self-service system has an arbitrary file upload vulnerability that allows attackers to upload malicious files to the server, which may lead to data disclosure, loss of server control, and even further network attacks.
Impact: Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to update the software patch.