H3C SecCenter Unrestricted File Upload Vulnerability in SafeEvent ImportFile Functionality

Vulnerability

A critical vulnerability has been identified in H3C SecCenter SMP-E1114P02 versions prior to 20250513. The issue resides in the file '/safeEvent/importFile/', where an unknown functionality allows for unrestricted file uploads. This vulnerability can be exploited remotely.

Impact

Exploitation of this vulnerability allows for unrestricted file uploads, which could lead to various consequences depending on the uploaded file's nature, such as executing malicious code or causing a denial-of-service.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

5.2

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

H3C SecCenter Unrestricted File Upload Vulnerability in SafeEvent ImportFile Functionality

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating