|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-07-09 | |
| Rule Name: | WANHU ezOFFICE OA officeserver.jsp Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Wanhu ezOFFICE OA is an enterprise-level office automation system designed to enhance work efficiency and internal communication within businesses by offering comprehensive collaboration tools and information management capabilities. It has an arbitrary file upload vulnerability in its officeserver.jsp, which allows attackers to upload malicious files. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |