CNNVD-202601-928 Information
CNNVD ID
CNNVD-202601-928
Related CVE
- CNNVD Published: 2026-01-05
Description (Chinese)
Quanta QOCA aim AI Medical Cloud Platform是中国台湾广达(Quanta)公司的一个人工智能医疗云计算整合平台,提供全面的AI模型开发工具,涵盖从AI开发到临床应用的全过程。 Quanta QOCA aim AI Medical Cloud Platform存在代码问题漏洞,该漏洞源于任意文件上传,可能导致经过身份验证的远程攻击者上传并执行WebShell后门,从而在服务器上执行任意代码。
Description (English)
Quanta QOCA aim AI Medical Cloud Platform, an artificial, intelligent cloud computing integration platform for Quanta, China, provides a comprehensive AI model development tool covering the entire process from AI development to clinical application. Quanta QOCA aim AI Medical Cloud Platform has a code loophole, which originates from the uploading of any document and may lead to the uploading and execution of the WebShell back door by a remote and identified assailant, thus enforcing any code on the server.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
广达
Published
2026-01-05
Last Modified
2026-02-24
References
https://www.twcert.org.tw/en/cp-139-10616-cd942-2.html https://www.twcert.org.tw/tw/cp-132-10615-157a3-1.html
Patch
https://www.qoca.net/solutions/aim
Share on: