Arbitrary File Upload Vulnerability in QMS Automotive (All versions < V12.39)

Arbitrary File Upload Vulnerability in QMS Automotive (All versions < V12.39)

CVE-2023-40731 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application allows users to upload arbitrary file types. This could allow an attacker to upload malicious files, that could potentially lead to code tampering.

Learn more about our Automotive Penetration Testing.