CNNVD-202510-3907 Information

CNNVD ID

CNNVD-202510-3907

Related CVE

CVE-2025-12344

• CNNVD Published: 2025-10-28

Description (Chinese)

Yonyou U8 Cloud是中国用友（Yonyou）公司的一款云端企业管理系统。 Yonyou U8 Cloud 5.1sp及之前版本存在代码问题漏洞，该漏洞源于对文件/service/NCloudGatewayServlet中参数ts/sign的错误操作，可能导致任意文件上传。

Description (English)

Yonyou U8 Cloud is a cloud-end enterprise management system for Yonyou. Yonyou U8 Cloud 5.1sp and previous versions had a code gap, which stemmed from an error in the ts/sign of the parameters in file/service/NCloudGatewayServlet, which could lead to the uploading of any document.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

用友

Published

2025-10-28

Last Modified

2026-02-24

References

https://vuldb.com/?id.330129 https://vuldb.com/?submit.674532 https://github.com/IceSc0rpion/CVE/issues/1 https://vuldb.com/?ctiid.330129 https://access.redhat.com/security/cve/cve-2025-12344