GobyVuls/yongyou_GRP-U8_U8App_Proxy_Arbitrary_file_upload_vulnerability.md

## yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability

|   **Vulnerability**  | **yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability**  |
| :----:   | :-----|
|  **Chinese name**  | 用友GRP-U8 软件 U8AppProxy 任意文件上传漏洞 |
| **CVSS core**  | 9.0 |
| **FOFA Query**  (click to view the results directly)| [body="window.location.replace(\"login.jsp?up=1\")" \|\| body="GRP-U8"](https://en.fofa.info/result?qbase64=Ym9keT0id2luZG93LmxvY2F0aW9uLnJlcGxhY2UoXCJsb2dpbi5qc3A%2FdXA9MVwiKSIgfHwgYm9keT0iR1JQLVU4Ig%3D%3D) |
| **Number of assets affected**  | 1308 |
| **Description**  | Yonyou GRP-U8 management software is a new generation of products launched by UFIDA focusing on national e-government affairs and based on cloud computing technology. It is the most professional government financial management software in the field of administrative affairs and finance in my country. UFIDA GRP-U8 management software U8AppProxy has an arbitrary file upload vulnerability, an attacker can upload a webshell to obtain server permissions.|
| **Impact** | UFIDA GRP-U8 management software U8AppProxy has an arbitrary file upload vulnerability, an attacker can upload a webshell to obtain server permissions. |
  
![](https://s3.bmp.ovh/imgs/2023/06/08/5cccc970d4c3d964.gif)
Create yongyou_GRP-U8_U8App_Proxy_Arbitrary_file_upload_vulnerability.md add yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability 2023-06-09 17:58:19 +08:00			`## yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability`

			`\| Vulnerability \| yongyou GRP-U8 U8AppProxy Arbitrary file upload vulnerability \|`
			`\| :----: \| :-----\|`
			`\| Chinese name \| 用友GRP-U8 软件 U8AppProxy 任意文件上传漏洞 \|`
			`\| CVSS core \| 9.0 \|`
			`\| FOFA Query (click to view the results directly)\| [body="window.location.replace(\"login.jsp?up=1\")" \\|\\| body="GRP-U8"](https://en.fofa.info/result?qbase64=Ym9keT0id2luZG93LmxvY2F0aW9uLnJlcGxhY2UoXCJsb2dpbi5qc3A%2FdXA9MVwiKSIgfHwgYm9keT0iR1JQLVU4Ig%3D%3D) \|`
			`\| Number of assets affected \| 1308 \|`
			`\| Description \| Yonyou GRP-U8 management software is a new generation of products launched by UFIDA focusing on national e-government affairs and based on cloud computing technology. It is the most professional government financial management software in the field of administrative affairs and finance in my country. UFIDA GRP-U8 management software U8AppProxy has an arbitrary file upload vulnerability, an attacker can upload a webshell to obtain server permissions.\|`
			`\| Impact \| UFIDA GRP-U8 management software U8AppProxy has an arbitrary file upload vulnerability, an attacker can upload a webshell to obtain server permissions. \|`

			`![](https://s3.bmp.ovh/imgs/2023/06/08/5cccc970d4c3d964.gif)`