제출 #842646: Hanwang Technology Co., Ltd. Hanwang e-Face General Management Platform V6.3.5.4 Remote Code Execution (RCE)정보

제목Hanwang Technology Co., Ltd. Hanwang e-Face General Management Platform V6.3.5.4 Remote Code Execution (RCE)
설명A critical vulnerability was found in Hanwang Technology Co., Ltd. e-Face (e-Liantong) General Management Platform. It affects an unknown function of the file /manage/resourceUpload/upload.do. The manipulation leads to unauthenticated arbitrary file upload. An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted malicious request to upload an executable web shell. Due to the lack of proper input validation and authorization checks, the attacker can achieve arbitrary remote code execution (RCE) and gain full control over the underlying server operating system.
원천⚠️ https://ucn9h68n9289.feishu.cn/wiki/SrO0wcxd9i6ByukOizGcIgpBnRd
사용자
 bigbrother_man (UID 96003)
제출2026. 05. 29. AM 11:23 (1 월 ago)
모더레이션2026. 06. 28. PM 01:00 (1 month later)
상태수락
VulDB 항목374555 [Hanwang e-Face General Management Platform 6.3.5.4 upload.do 파일 권한 상승]
포인트들20

Do you know our Splunk app?

Download it now for free!