CVE-2026-13547

EUVD-2026-40047
A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 19%
Common Weakness Enumeration
References
https://ucn9h68n9289.feishu.cn/wiki/SrO0wcxd9i6ByukOizGcIgpBnRd
https://vuldb.com/cve/CVE-2026-13547
https://vuldb.com/submit/842646
https://vuldb.com/vuln/374555
https://vuldb.com/vuln/374555/cti