Primary

Context

TalentSys Inka.Net Unrestricted File Upload Vulnerability Allowing Command Injection

Vulnerability

A vulnerability allowing unrestricted upload of files with dangerous types has been identified in TalentSys Consulting Information Technology Industry Inc. Inka.Net, affecting versions prior to 6.7.1. This vulnerability allows for command injection, potentially enabling cyber attackers to execute malicious commands on the server.

Impact

Exploitation of this vulnerability could lead to command injection, allowing attackers to execute arbitrary commands on the server where Inka.Net is running.

Remediation

Users are advised to upgrade to version 6.7.1 or later.

Added: Sep 23, 2025, 1:16 PM

Updated: Sep 23, 2025, 1:16 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

7.7

relevance

0.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

TalentSys Inka.Net Unrestricted File Upload Vulnerability Allowing Command Injection

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating