Unrestricted File Upload Vulnerability in e-Excellence U-Office Force

Unrestricted File Upload Vulnerability in e-Excellence U-Office Force

CVE-2023-32757 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service.

Learn more about our Cis Benchmark Audit For Microsoft Office.