Impact
This vulnerability stems from improper validation of the filename parameter used by MCO during data export and file upload operations. The flaw allows an attacker to write files to arbitrary locations on the server’s file system and to obtain indirect disclosure of the server’s absolute paths through error messages, representing a moderate-level information disclosure and potential read/write compromise of system files.
Affected Systems
The affected product is MyComplianceOffice MCO. Confirmation exists for version 25.3.3.1, and the issue may also affect other, currently unspecified, releases of the product.
Risk and Exploitability
The vulnerability carries a CVSS score of 5.1, indicating a moderate risk. EPSS data is unavailable, and the issue is not listed in the CISA KEV catalog. Attackers could exploit the file export/upload functionality to supply crafted filenames, provoking the vulnerability, and thereby create or overwrite files in privileged directories. Because the flaw also leaks absolute paths in error messages, the attacker could further refine their attack in a local environment.
OpenCVE Enrichment