| TVN ID | TVN-202309012 |
|---|---|
| CVE ID | CVE-2023-35850 |
| CVSS | 7.2 (High) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | WMPro: V5 |
| Description | SUNNET WMPro protal's file management function has a vulnerability of insufficient filtering for user input. An remote attacker with administrator privilege or privileged account can exploit this vulnerability to inject and execute arbitrary system commands to perform arbitrary system operation or disrupt service. |
| Solution | Update version to the latest one or contact SUNNET support team |
| Credit | Fi Liu(CHT Security) |
| Public Date | 2023-09-20 |
:::