Skip to main content

Enterprise Cloud Database EUVDEUVD-2026-43272

| CVE-2026-15553 MEDIUM
Unrestricted Upload of File with Dangerous Type (CWE-434)
2026-07-13 twcert GHSA-q692-3gm2-wf73
6.9
CVSS 4.0 · Vendor: twcert
Share

Severity by source

Vendor (twcert) PRIMARY
6.9 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
4.7 MEDIUM

Network vector, no authentication, but UI:R reflects that secondary impact requires a user to download; S:C captures cross-user file delivery risk.

3.1 AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N

Primary rating from Vendor (twcert).

CVSS VectorVendor: twcert

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 13, 2026 - 04:24 vuln.today

DescriptionCVE.org

Enterprise Cloud Database developed by Ragic has a Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload malicious files and make them available for users to download.

AnalysisAI

Unrestricted file upload in Ragic Enterprise Cloud Database exposes all versions to unauthenticated remote exploitation, allowing attackers to plant malicious files that are subsequently served to authenticated platform users for download. The root cause is CWE-434 (Unrestricted Upload of File with Dangerous Type), meaning the application performs no meaningful validation of file type, content, or extension before persisting uploads. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Identify accessible Ragic upload endpoint
Delivery
Send unauthenticated HTTP file upload request
Exploit
Malicious file persisted on platform
Execution
File listed as available download for platform users
Persist
User downloads malicious file
Impact
Payload executes on user workstation

Vulnerability AssessmentAI

Exploitation No special conditions are required for the upload phase: the file upload endpoint accepts requests from unauthenticated, remote, network-accessible attackers with no configuration prerequisites (CVSS 4.0 AV:N/AC:L/AT:N/PR:N/UI:N). … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 6.9 reflects a medium-severity finding, but the real-world risk profile warrants closer scrutiny. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An unauthenticated attacker identifies a publicly accessible Ragic Enterprise Cloud Database instance and submits a crafted HTTP POST request to the file upload endpoint, attaching a malicious executable or macro-enabled Office document. No credentials, session token, or special configuration is needed. …
Remediation The primary remediation is to apply the vendor-released patch or configuration update described in the TWCERT advisories at https://www.twcert.org.tw/en/cp-139-11032-460c2-2.html - an exact fixed version number is not independently confirmed from available data, so administrators should consult Ragic directly for the patched build. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43272 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy