Weal

**Name of the Vulnerable Software and Affected Versions** Maiwei Safety Production Control Platform version 4.1 **Description** A problematic issue was found in the Maiwei Safety Production Control Platform, affecting the `/api/DataDictionary/GetItemList` API endpoint. This issue leads to information disclosure and can be initiated remotely. The exploit has been disclosed publicly. **Recommendations** For Maiwei Safety Production Control Platform version 4.1, as a temporary workaround, consider restricting access to the `/api/DataDictionary/GetItemList` API endpoint until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Maiwei Safety Production Control Platform version 4.1 **Description** A problematic issue has been found in the Intelligent Monitoring component, affecting the processing of the file /TC/V2.7/ha.html. This leads to information disclosure and can be initiated remotely. The issue has been publicly disclosed. **Recommendations** For Maiwei Safety Production Control Platform version 4.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Maiwei Safety Production Control Platform version 4.1 **Description** A problematic issue was found in the Maiwei Safety Production Control Platform, affecting an unknown function of the file /Content/Plugins/uploader/FileChoose.html?fileUrl=/Upload/File/Pics/&parent. This issue leads to unrestricted upload and can be exploited remotely. The exploit has been disclosed publicly. **Recommendations** For Maiwei Safety Production Control Platform version 4.1, consider restricting access to the /Content/Plugins/uploader/FileChoose.html file to minimize the risk of exploitation. As a temporary workaround, avoid using the fileUrl parameter in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.