Unauthenticated File Upload Vulnerability in Yonyou KSOA 9.0
CVE-2022-50973
Key Information:
- Status
- Vendor
- CVE Published:
- 2 July 2026
Badges
What is CVE-2022-50973?
Yonyou KSOA 9.0 is vulnerable to an unauthenticated file upload issue in the com.sksoft.bill.ImageUpload servlet. This flaw allows attackers to upload arbitrary files simply by submitting a POST request with manipulated filepath and filename parameters, bypassing crucial authentication, file type, and content validations. A successful exploitation can lead to remote code execution via a JSP webshell, with the malicious file stored in the pictures directory and executed by the web server. Evidence of exploitation was first documented by the Shadowserver Foundation on November 7, 2023.
Affected Version(s)
KSOA 9.0
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V4
Timeline
- ๐ก
Public PoC available
- ๐พ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
