| Description: | | Landray EKP is an online digital OA software developed by Shenzhen Lanling Software Co., LTD. It is designed to provide online office solutions for large and medium-sized enterprises. The software covers the process management, knowledge management, meeting management, document management, task management and supervision functions, aiming to improve the organization's collaboration efficiency and work efficiency. Landray OA product had a remote code execution vulnerability. An attacker could move the directory that needed authorization to a directory that could be accessed anonymously through the sysUiComponent.do interface, achieving permission bypass access to the directory, and eventually leading to remote code execution. |