| TVN ID | TVN-202308003 |
|---|---|
| CVE ID | CVE-2023-32757 |
| CVSS | 9.8 (Critical) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | U-Office Force: 20.0.7668D |
| Description | e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service. |
| Solution | update version to 24.50SP1 or later |
| Credit | Kun Xian Lin(DEVCORE) |
| Public Date | 2023-09-19 |
:::