CNNVD-202509-1813 Information

CNNVD ID

CNNVD-202509-1813

Related CVE

CVE-2025-10267

• CNNVD Published: 2025-09-12

Description (Chinese)

NewType Infortech NUP Portal是中国台湾新人类（NewType Infortech）公司的一款门户管理与协同办公软件系统。 NewType Infortech NUP Portal存在访问控制错误漏洞，该漏洞源于缺少身份验证，可能导致未经验证的远程攻击者直接上传文件并执行Web脚本。

Description (English)

NewType Infortech NUP Portal is a portal management and co-location software system for NewType Infortech. NewType Inforteech NUP Portal had an access control error that stemmed from a lack of identification, which could lead to uncertified remote assailants uploading documents directly and implementing Web scripts.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

NextEPC

Published

2025-09-12

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10378-4fd0d-2.html https://www.twcert.org.tw/tw/cp-132-10377-89750-1.html

Patch

https://www.newtype.com.tw/