PT-2023-24991 · Unknown · Guantang Equipment Management System
Published
2023-06-28
·
Updated
2023-07-10
·
CVE-2023-34736
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Guantang Equipment Management System version 4.12
Description
The Guantang Equipment Management System is affected by an issue that allows Arbitrary File Upload. This could potentially lead to unauthorized access or malicious activities.
Recommendations
For Guantang Equipment Management System version 4.12, consider restricting access to file upload functionalities until a patch or fix is available. As a temporary workaround, disabling the file upload feature can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Guantang Equipment Management System