← back
CVE-2025-48782

Soar Cloud HRD Human Resource Management System - Unrestricted Upload of File with Dangerous Type

CVSS 9.9 CRITICALEPSS 0.4%CWE-434
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H
Affected products
Soar Cloud System CO., LTD. · HRD Human Resource Management System

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://zuso.ai/advisory/za-2025-07