|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-07-30 | |
| Rule Name: | Yonyou U8 CRM import.php Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Yonyou U8 CRM is a customer relationship management (CRM) software launched by Yonyou Company, which integrates sales, marketing, customer service and other functions to help enterprises optimize customer management processes, enhance customer satisfaction and competitiveness. Its import.chp file has an arbitrary file upload vulnerability, allowing attackers to upload malicious files, execute commands, and even take over the server. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |