CVE-2026-6211
Arbitrary File Upload in Global IT's WEOLL
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 8.7EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 jun 2026Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs.
This issue affects WEOLL: from 2.0.9 before 3.2.45.33.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N
Productos afectados
Global IT Informatics Services Inc. · WEOLL