|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-11-13 | |
| Rule Name: | Yonyou U8-Cloud esnserver Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Yonyou U8 Cloud is Yonyou's cloud-based ERP software that provides enterprises with flexible and scalable cloud-based enterprise resource planning solutions. There is an arbitrary file upload vulnerability in Yonyou U8 Cloud esnserver interface. Attackers can upload malicious files to the server and execute them through the vulnerability. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |