|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-11-05 | |
| Rule Name: | Hongfan OA iorepsavexml.aspx Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Hongfan OA is a software specially designed for hospital integrated business management, including information portal, document circulation, process management, document management, meeting management, document management, leadership cockpit and other functional modules. The Hongfan OA iorepsavexml.aspx interface has any file upload vulnerability, which can be successfully exploited to upload malicious files to the server. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |