PT-2026-53229 · Hanwang · E-Face General Management Platform

Bigbrother_Man

Publicado

2026-06-29

Atualizado

2026-06-29

CVE-2026-13547

CVSS v2.0

7.5

Alta

Vetor

AV:N/AC:L/Au:N/C:P/I:P/A:P

A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

Exploit

Correção

Improper Access Control

Unrestricted File Upload

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284CWE-434

Identificadores relacionados

CVE-2026-13547

Produtos afetados

E-Face General Management Platform

PT-2026-53229 · Hanwang · E-Face General Management Platform

CVE-2026-13547

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6