CVE-2022-50973
Severity: Critical (CVSS 9.8)
Exploitation Probability (EPSS): Elevated risk, 54th percentile (higher than 54% of all known CVEs)
Summary
An unauthenticated arbitrary file upload vulnerability in Yonyou KSOA 9.0 allows remote code execution via a crafted POST request to the ImageUpload servlet. Attackers can upload a JSP webshell without any authentication or validation.
Risk Assessment
The organization faces complete server compromise by an unauthenticated attacker, potentially leading to data theft, malware installation, or further network intrusions.
Recommendation
Immediately update Yonyou KSOA to the latest version or apply available security patches. If updating is not possible, restrict access to the ImageUpload servlet from untrusted networks.
Original NVD description (English source)
Yonyou KSOA 9.0 contains an unauthenticated arbitrary file upload vulnerability in the com.sksoft.bill.ImageUpload servlet that allows unauthenticated attackers to upload arbitrary files by submitting a POST request with attacker-controlled filepath and filename parameters without any authentication, file type, extension, or content validation. Attackers can upload a JSP webshell by specifying a malicious filename and root filepath, with the uploaded file stored under the pictures directory and directly executed by the web server, resulting in unauthenticated remote code execution. Exploitation evidence was first observed by the Shadowserver Foundation on 2023-11-07 (UTC).
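The description above lists exactly the controls an upload handler must enforce: an authentication check, an extension allowlist, a content check, and a storage path the client cannot influence. The following is an added illustration of those controls in Python, not Yonyou KSOA code and not a patch for it; the upload root, the parameter names and the set of accepted image types are assumptions, chosen to mirror the filepath and filename parameters named in the advisory.

```python
"""Hardened upload validation illustrating the controls the advisory
reports as missing. Example code; all paths and names are assumed."""
import os
import re
import secrets

# Allowlisted extensions and the magic bytes each must begin with (assumed set).
ALLOWED_TYPES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

# Server-chosen storage root outside the servlet's document root (assumed path).
# Files here are served, if at all, through a handler that never executes them.
UPLOAD_ROOT = "/var/app-data/uploads"

# Constructed sample PNG header for demonstration purposes.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 8


class UploadRejected(Exception):
    """Raised when an upload fails any of the checks below."""


def validate_upload(authenticated: bool, client_filename: str,
                    client_filepath: str, content: bytes) -> str:
    """Return the server-side path the file may be written to, or raise.

    client_filepath is accepted only so the interface mirrors the vulnerable
    one described in the advisory; it is deliberately ignored, because the
    server, not the client, decides where uploads are stored.
    """
    if not authenticated:
        raise UploadRejected("authentication required")

    # The filename must be a single plain path component: no separators,
    # no traversal, only a conservative character set.
    if (client_filename != os.path.basename(client_filename)
            or "\\" in client_filename
            or not re.fullmatch(r"[A-Za-z0-9_.-]{1,64}", client_filename)):
        raise UploadRejected("invalid filename")

    # Extension allowlist: the final extension decides the declared type,
    # so 'shell.jsp' is rejected outright.
    ext = os.path.splitext(client_filename)[1].lower()
    if ext not in ALLOWED_TYPES:
        raise UploadRejected(f"extension {ext!r} not allowed")

    # Content check: the bytes must look like the declared image type,
    # so script text with an image extension is rejected too.
    if not any(content.startswith(magic) for magic in ALLOWED_TYPES[ext]):
        raise UploadRejected("content does not match declared image type")

    # The server generates the stored name; the client's name never reaches
    # disk, so a double extension such as 'x.jsp.png' cannot matter.
    stored_name = f"{secrets.token_hex(16)}{ext}"
    return os.path.join(UPLOAD_ROOT, stored_name)


def outcome(authenticated: bool, client_filename: str,
            client_filepath: str, content: bytes) -> str:
    """Human-readable result of validate_upload, for demos and tests."""
    try:
        return "accepted: " + validate_upload(authenticated, client_filename,
                                              client_filepath, content)
    except UploadRejected as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    # Constructed requests shaped like the ones the advisory describes.
    print(outcome(False, "pic.png", "/", SAMPLE_PNG))
    print(outcome(True, "shell.jsp", "/", b"<% out.println(1); %>"))
    print(outcome(True, "pic.png", "/", SAMPLE_PNG))
```

Each check maps to one clause of the description: the authentication test covers "without any authentication", the allowlist covers "file type" and "extension", the magic-byte comparison covers "content validation", and discarding the client-supplied filepath in favour of a server-chosen directory outside the web root removes the "stored under the pictures directory and directly executed" condition.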