CNNVD-202512-4993 Information
Dec 29, 2025
cve
CNNVD ID
CNNVD-202512-4993
Related CVE
- CNNVD Published: 2025-12-29
Description (Chinese)
WELLTEND BPMFlowWebkit是中国台湾鸿名(WELLTEND)公司的一款业务流程管理系统。 WELLTEND BPMFlowWebkit存在代码问题漏洞,该漏洞源于存在任意文件上传漏洞,可能导致未经验证的远程攻击者上传和执行Web Shell后门,从而在服务器上执行任意代码。
Description (English)
WellTend BPMFlowWebkit is a business process management system of WellTend Corporation. WELLTEND BPMFlowWebkit has a code loophole, which stems from the existence of any file upload loophole that could lead to unverified remote assailants uploading and implementing the Web Shell back door, thus enforcing any code on the server.
Hazard Level
Low
Vulnerability Type
代码问题
Affected Vendor
鸿名
Published
2025-12-29
Last Modified
2026-02-24
References
https://www.twcert.org.tw/en/cp-139-10605-426b6-2.html https://www.twcert.org.tw/tw/cp-132-10604-c65aa-1.html
Patch
https://www.welltend.com.tw/system.php
Share on: