CVE-2025-40678 | Summar Portal del Empleado 3.98.0 POST Request ntf_absentismo.aspx cctl00$ContentPlaceHolder1$fuAdjunto unrestricted upload

A vulnerability identified as critical has been detected in Summar Portal del Empleado 3.98.0. Affected by this issue is some unknown functionality of the file /MemberPages/ntf_absentismo.aspx of the component POST Request Handler. The manipulation of the argument cctl00$ContentPlaceHolder1$fuAdjunto leads to unrestricted upload.

This vulnerability is traded as CVE-2025-40678. It is possible to initiate the attack remotely. There is no exploit available.VulDB Recent EntriesRead More