Segon

**Name of the Vulnerable Software and Affected Versions** Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712 **Description** A critical issue was found in the system, affecting the /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx file. The manipulation of the `Filedata` argument leads to unrestricted upload. The issue has been publicly disclosed and may be exploited. **Recommendations** For Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712, as a temporary workaround, consider restricting access to the `/Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx` endpoint to minimize the risk of exploitation. Avoid using the `Filedata` argument in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this issue.