|
|
|||
| Rule General Information |
|---|
| Release Date: | 2025-02-11 | |
| Rule Name: | Jinher OA C6 editeprint.aspx Arbitrary File Upload Vulnerability | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | The Jinher OA C6 platform is an enterprise management software launched by Jinhe Software Company that integrates multiple office automation functions. It aims to improve the office efficiency and management level of enterprises by providing comprehensive information solutions. The editprint.aspx interface contains an arbitrary file upload vulnerability. Attackers can exploit this vulnerability to upload malicious files to the server, enabling them to execute arbitrary code on the server and gain control over the target system. | |
| Impact: | Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | ||
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |