CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-37289

It is identified a vulnerability of Unrestricted Upload of File with Dangerous Type in the file uploading function in InfoDoc Document On-line Submission and Approval System, which allows an unauthenticated remote attacker can exploit this vulnerability without logging system to upload and run arbitrary executable files to perform arbitrary system commands or disrupt service. This issue affects Document On-line Submission and Approval System: 22547, 22567.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 60.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.twcert.org.tw/tw/cp-132-7225-cef32-1.html
https://www.twcert.org.tw/tw/cp-132-7225-cef32-1.html

Products affected by CVE-2023-37289

Infodoc » Document On-Line Submission And Approval System » Version: 22547

cpe:2.3:a:infodoc:document_on-line_submission_and_approval_system:22547
Infodoc » Document On-Line Submission And Approval System » Version: 22567

cpe:2.3:a:infodoc:document_on-line_submission_and_approval_system:22567

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-37289

Products

Pricing

Contact Us