CVE-2025-55267
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability
In short
HCL Aftermarket DPC allows attackers to upload harmful files without proper checks, which can then be executed to take complete control of the server.
Technical detail
An unrestricted file upload vulnerability (CWE-434) in HCL Aftermarket DPC permits unauthenticated or authenticated attackers to upload arbitrary files to the server. If uploaded files are executable or interpreted by the server, this leads to remote code execution and full server compromise.
Summary generated and translated by AI from the official description.
HCL Aftermarket DPC is affected by Unrestricted File Upload vulnerability, allows attacker to upload and execute malicious scripts, gaining full control over the server.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
Affected products
HCL · Aftermarket DPCWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →