Medium severity5.3NVD Advisory· Published Sep 12, 2025· Updated Apr 15, 2026
CVE-2025-10267
CVE-2025-10267
Description
NUP Portal developed by NewType Infortech has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly upload files. If the attacker manages to bypass the file extension restrictions, they could upload a webshell and execute it on the server side.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.