CVE-2025-15228 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web sh…
Critical CVSS: 9.3

CVE-2025-15228

BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Vendor
Welltend
Product
Bpmflowwebkit
CWE
CWE-434
Yayın Tarihi
2025-12-29 08:15:51
Güncelleme
2025-12-31 20:31:32
Source Identifier
twcert@cert.org.tw
KEV Date Added
-

Kategoriler

CWE-434 Bpmflowwebkit CRITICAL Welltend 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-10605-426b6-2.html https://www.twcert.org.tw/tw/cp-132-10604-c65aa-1.html