Skip to main content

Inforcenter Plm EUVDEUVD-2026-17849

| CVE-2026-5261 MEDIUM
Unrestricted Upload of File with Dangerous Type (CWE-434)
2026-04-01 VulDB GHSA-m245-c8r9-78c2
5.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
5.5 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

5
CVSS changed
Apr 29, 2026 - 01:11 NVD
6.9 (MEDIUM) 5.5 (MEDIUM)
PoC Detected
Apr 01, 2026 - 14:23 vuln.today
Public exploit code
EUVD ID Assigned
Apr 01, 2026 - 09:00 euvd
EUVD-2026-17849
Analysis Generated
Apr 01, 2026 - 09:00 vuln.today
CVE Published
Apr 01, 2026 - 08:15 nvd
MEDIUM 6.9

DescriptionCVE.org

A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Unrestricted file upload in Shandong Hoteam InforCenter PLM versions up to 8.3.8 allows remote unauthenticated attackers to upload arbitrary files via the uploadFileToIIS function in /Base/BaseHandler.ashx, with a CVSS score of 6.9 and publicly available exploit code. The vendor did not respond to early disclosure notification, leaving all affected versions unpatched and at active risk.

Technical ContextAI

The vulnerability exists in the uploadFileToIIS function of the BaseHandler.ashx endpoint in Shandong Hoteam InforCenter PLM, a Product Lifecycle Management (PLM) system. The vulnerability is classified under CWE-434 (Unrestricted Upload of File with Dangerous Type), indicating insufficient validation of uploaded file content, type, or destination. The affected endpoint accepts a 'File' parameter without proper validation, allowing attackers to bypass intended file upload restrictions. BaseHandler.ashx is a common ASP.NET HTTP handler pattern used for processing file operations, and the direct exposure of this handler to unauthenticated remote requests creates a direct attack surface. The CVSS 4.0 vector shows network-accessible attack vector (AV:N), no complexity (AC:L), no authentication required (PR:N), and confidentiality/integrity/availability impact at low scope, suggesting the uploaded files can lead to information disclosure or system compromise depending on the application's handling of uploaded content.

RemediationAI

No vendor-released patch identified at time of analysis. The vendor (Shandong Hoteam) did not respond to early disclosure and has not released a patched version. Organizations must immediately restrict network access to the /Base/BaseHandler.ashx endpoint using firewall rules or web application firewall (WAF) policies to block unauthenticated requests to this path. Implement input validation and file type restrictions at the application or proxy level if possible. Monitor for suspicious file uploads targeting BaseHandler.ashx. Consider isolating affected InforCenter PLM instances from production networks or disabling the uploadFileToIIS function if not required for business operations. Escalate requests to Shandong Hoteam for a security patch and timeline; if unresponsive, evaluate alternative PLM solutions or implement compensating security controls (e.g., sandboxed execution, file upload scanning, access logging). References: https://vuldb.com/vuln/354450, https://vuldb.com/vuln/354450/cti

Share

EUVD-2026-17849 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy