← volver
CVE-2025-48782

Soar Cloud HRD Human Resource Management System - Unrestricted Upload of File with Dangerous Type

CVSS 9.9 CRITICALEPSS 0.4%CWE-434
An unrestricted upload of file with dangerous type vulnerability in the upload file function of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to execute arbitrary system commands via a malicious file.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:H
Productos afectados
Soar Cloud System CO., LTD. · HRD Human Resource Management System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://zuso.ai/advisory/za-2025-07