[Vulnerability Alert] 2100 Technology | Official Document Management System - Authentication Bypass

* Subject: [Vulnerability Alert] 2100 Technology | Official Document Management System - Authentication Bypass

* Content:

• Forwarded from TWCERTCC-200-202508-00000005, Taiwan Computer Emergency Response Team/Coordination Center
• [2100 Technology | Official Document Management System - Authentication Bypass] (CVE-2025-8853, CVSS: 9.8) A remote attacker without authentication can exploit an Authentication Bypass vulnerability in 2100 Technology’s Official Document Management System to obtain a connection token for any user and use the token to log into the system as that user.

* Affected Platforms:

• Official Document Management System versions 5.0.89.0, 5.0.89.1, and 5.0.89.2

* Recommended Measures:

• Update to version 5.0.90 or later

* References:

1. https://www.twcert.org.tw/tw/cp-132-10319-adc18-1.html

Computer and Communications Center
Network Systems Division Respectfully