admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/SysAid_userentry_file_upload_vulnerability.md

1.6 KiB
Raw Permalink Blame History

SysAid userentry file upload vulnerability (CVE-2023-47246)

Vulnerability SysAid userentry file upload vulnerability (CVE-2023-47246)
Chinese name SysAid userentry 文件上传漏洞CVE-2023-47246
CVSS core 9.8
FOFA Query (click to view the results directly) app="SysAid-Help-Desk"
Number of assets affected 1819
Description SysAid is an information technology (IT) service management and help desk solution designed to help organizations more effectively manage their IT infrastructure, help desk support and user needs. SysAid provides a series of functions, including fault reporting, asset management, problem management, change management, knowledge base, automated workflow, etc., to help enterprises improve the efficiency and quality of IT services.SysAid has a file upload vulnerability in userentry. An attacker can use the file upload vulnerability to execute malicious code, write backdoors, and read sensitive files, which may cause the server to be attacked and controlled.
Impact SysAid has a file upload vulnerability in userentry. An attacker can use the file upload vulnerability to execute malicious code, write backdoors, and read sensitive files, which may cause the server to be attacked and controlled.