CVE-2025-15235

High CVSS: 7.1

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Missing Authorization vulnerability, allowing authenticated remote attackers to modify specific network packet parameters, enabling certain system functions to access other users' files.

Vendor

Quantatw

Product

Qoca Aim

CWE

CWE-862

Yayın Tarihi

2026-01-05 08:15:57

Güncelleme

2026-01-20 21:12:38

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-862 Qoca Aim HIGH Quantatw 2026

Referanslar

https://www.twcert.org.tw/en/cp-139-10616-cd942-2.html https://www.twcert.org.tw/tw/cp-132-10615-157a3-1.html

Benzer Kayıtlar

High

CVE-2025-15239

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticate…

High

CVE-2025-15240

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing aut…

Medium

CVE-2025-15236

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticat…

Medium

CVE-2025-15237

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticat…

High

CVE-2025-15238

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticate…