Vulnerabilities

CVE-2025-10267

by Fred · 12/09/2025

NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side.

More information : https://www.twcert.org.tw/en/cp-139-10378-4fd0d-2.html

Similar

Tags: Cybersecurity Alert