Tag: ufida

All the articles with the tag "ufida".

• [CVE-2025-34039] Yonyou UFIDA NC BeanShell Servlet Hands Over Remote Code Execution

  23 Jun, 2025

  A forgotten BeanShell test servlet inside Yonyou UFIDA NC up to 6.5 lets unauthenticated users inject Java code and run operating-system commands. Although the framework is popular mainly in mainland China, many ERP deployments expose the vulnerable endpoint to the internet.