e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://www.twcert.org.tw/tw/cp-132-7330-94442-1.html |
History
No history.
MITRE
Status: PUBLISHED
Assigner: twcert
Published: 2023-08-25T07:29:05.292Z
Updated: 2024-08-02T15:25:37.071Z
Reserved: 2023-05-15T02:46:49.300Z
Link: CVE-2023-32757
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-25T08:15:07.850
Modified: 2023-08-29T20:22:23.300
Link: CVE-2023-32757
Redhat
No data.