go to Content

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center


e-Excellence U-Office Force - Path Traversal

TVN ID TVN-202308002
CVE ID CVE-2023-32756
CVSS 7.5 (High)
Affected Products U-Office Force: 20.0.7668D
Description e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service.
Solution update version to 24.50SP1 or later
Credit Kun Xian Lin(DEVCORE)
Public Date 2023-09-19