Lucene search
K

4 matches found

CVE
CVE
added 2023/02/27 12:0 a.m.59 views

CVE-2023-26759

The CVE-2023-26759 entry concerns Sme.UP ERP TOKYO V6R1M220406 and reports an OS command injection in the XMService component. The vulnerability affects the specified build and is described as enabling command execution without user interaction, with CVSS v3.1 metrics indicating a high-impact, ne...

8.8CVSS8.9AI score0.02377EPSS
CVE
CVE
added 2023/02/27 12:0 a.m.57 views

CVE-2023-26758

Affected software: Sme.UP TOKYO V6R1M220406. Vulnerability: An arbitrary file download vulnerability exists in the /ResourceService component. Root cause / vector: Unspecified in detail beyond the /ResourceService path being vulnerable; affected product exposed to file download via that component...

7.5CVSS7.6AI score0.00935EPSS
CVE
CVE
added 2023/02/27 12:0 a.m.53 views

CVE-2023-26760

CVE-2023-26760 affects Sme.UP ERP TOKYO V6R1M220406. The /debug endpoint exposes an information disclosure vulnerability that allows attackers to access cleartext credentials needed to authenticate to the AS/400 system. This is documented across multiple sources, with impact described as high con...

7.5CVSS7.3AI score0.00518EPSS
CVE
CVE
added 2023/02/27 12:0 a.m.46 views

CVE-2023-26762

CVE-2023-26762 affects Sme.UP ERP TOKYO V6R1M220406 and is an arbitrary file upload vulnerability. The provided data describe an external-facing issue with a CVSS v3.1 base score of 8.8 (High) and impact on confidentiality, integrity, and availability. The root cause is an arbitrary file upload f...

8.8CVSS8.8AI score0.00973EPSS