GobyVuls/UF_U8_Cloud_upload.jsp_file_upload_vulnerability.md

## UF U8 Cloud upload.jsp file upload vulnerability

|   **Vulnerability**  | **UF U8 Cloud upload.jsp file upload vulnerability**  |
| :----:   | :-----|
|  **Chinese name**  | 用友 U8 Cloud upload.jsp 文件上传漏洞 |
| **CVSS core**  | 9.8 |
| **FOFA Query**  (click to view the results directly)| [body="开启U8 cloud云端之旅"](https://en.fofa.info/result?qbase64=Ym9keT0i5byA5ZCvVTggY2xvdWTkupHnq6%2FkuYvml4Ui) |
| **Number of assets affected**  | 13473 |
| **Description**  | yonyou U8 cloud is a cloud ERP developed by yonyou.There is a file upload vulnerability in yonyou U8 upload.jsp, which can be exploited by attackers to gain server privileges. |
| **Impact** | Attackers can use this vulnerability to upload file, execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server. |

![](https://s3.bmp.ovh/imgs/2023/09/06/407cf745d8210300.gif)
Create UF_U8_Cloud_upload.jsp_file_upload_vulnerability.md 2023-09-06 17:36:51 +08:00			`## UF U8 Cloud upload.jsp file upload vulnerability`

			`\| Vulnerability \| UF U8 Cloud upload.jsp file upload vulnerability \|`
			`\| :----: \| :-----\|`
			`\| Chinese name \| 用友 U8 Cloud upload.jsp 文件上传漏洞 \|`
			`\| CVSS core \| 9.8 \|`
			`\| FOFA Query (click to view the results directly)\| [body="开启U8 cloud云端之旅"](https://en.fofa.info/result?qbase64=Ym9keT0i5byA5ZCvVTggY2xvdWTkupHnq6%2FkuYvml4Ui) \|`
			`\| Number of assets affected \| 13473 \|`
			`\| Description \| yonyou U8 cloud is a cloud ERP developed by yonyou.There is a file upload vulnerability in yonyou U8 upload.jsp, which can be exploited by attackers to gain server privileges. \|`
			`\| Impact \| Attackers can use this vulnerability to upload file, execute code on the server side, write backdoors, obtain server permissions, and then control the entire web server. \|`

			`![](https://s3.bmp.ovh/imgs/2023/09/06/407cf745d8210300.gif)`