CVE-2023-32757
e-Excellence U-Office Force - Arbitrary File Upload
Vexday Risk Score
28Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 9.8EPSS 0.7%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
25 ago 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
e-Excellence · U-Office Force¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →