High severity7.2NVD Advisory· Published May 2, 2026· Updated May 12, 2026
CVE-2026-7490
CVE-2026-7490
Description
CTMS and CPAS developed by Sunnet has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4Patches
Vulnerability mechanics
References
2- www.twcert.org.tw/en/cp-139-10895-25ca1-2.htmlnvdThird Party Advisory
- www.twcert.org.tw/tw/cp-132-10894-1ac1f-1.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.