N/A

A vulnerability has been identified in COMOS V10.2 (All versions only if web components are used), COMOS V10.3 (All versions < V10.3.3.3 only if web components are used), COMOS V10.4 (All versions < V10.4.1 only if web components are used). The COMOS Web component of COMOS allows to upload and store arbitrary files at the webserver. This could allow an attacker to store malicious files.

N/A

危险类型文件的不加限制上传

Siemens Comos 代码问题漏洞

Siemens Comos是德国西门子（Siemens）公司的一个工厂工程软件解决方案。用于过程工业。 Siemens Comos V10.2存在代码问题漏洞，该漏洞源于COMOS的COMOS Web组件允许在Web服务器上上传和存储任意文件。这可能会让攻击者可利用该漏洞存储恶意文件。

N/A

N/A