[Vulnerability Alert] Local File Inclusion Vulnerability in Weichiao Information's Single Sign-On and Electronic Catalog Service System

• Subject: [Vulnerability Alert] Local File Inclusion Vulnerability in Weichiao Information's Single Sign-On and Electronic Catalog Service System
• Content:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center TWCERTCC-200-202508-00000010
  • [Weichiao Information | Single Sign-On and Electronic Catalog Service System - Local File Inclusion] (CVE-2025-8913, CVSS: 9.8) A Local File Inclusion vulnerability exists in the Single Sign-On and Electronic Catalog Service System developed by Weichiao Information. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary code on the server.
• Affected Platforms:
  • Single Sign-On and Electronic Catalog Service System versions IFTOP_P3_2_1_196 and earlier.
• Recommended Measures:
  • Update to version IFTOP_P3_2_1_197 or later.
• References:
  • https://www.twcert.org.tw/tw/cp-132-10321-3cae5-1.html

Computer and Communications Center
Network Systems Group