CVE Published: 25/08/2023 |
CVE Updated: 02/10/2024 |
CVE Year: 2023 Source: twcert |
Vendor: e-Excellence |
Product: U-Office Force Status : PUBLISHED
CVE-2023-32756 Description
e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files, but can’t control system or disrupt service.
Metrics
CVSS Version: 3.1 |
Base Score: 7.5 HIGH Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N