CVE-2026-4220 | Technologies Integrated Management Platform 7.17.0 /SetWebpagePic.jsp targetPath/Suffix unrestricted upload

Inserito da Angelo Barbosa | Mar 15, 2026 | CVE

A vulnerability identified as critical has been detected in Technologies Integrated Management Platform 7.17.0. Affected by this issue is some unknown functionality of the file /SetWebpagePic.jsp. The manipulation of the argument targetPath/Suffix leads to unrestricted upload.

This vulnerability is listed as CVE-2026-4220. The attack may be initiated remotely. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-4220 | Technologies Integrated Management Platform 7.17.0 /SetWebpagePic.jsp targetPath/Suffix unrestricted upload

Post correlati

CVE-2026-27511 | Tenda F3 up to 12.01.01.55_multi Web-based Administrative Interface ui layer

CVE-2024-1995 | Smart Custom Fields Plugin up to 4.2.2 on WordPress Post authorization

CVE-2021-47133 | Linux Kernel up to 5.12.9 amd_sfh memory leak (29beadea66a2/5ad755fd2b32)

CVE-2025-4819 | y_project RuoYi 4.8.0 Offline Logout batchForceLogout ids improper authorization