POSTING DATE: 2026/01/06

[VULNERABILITY ALERT] SUN NET | WMPro - Arbitrary File Upload (CVE-2025-15226)

  • Subject: [VULNERABILITY ALERT] SUN NET | WMPro - Arbitrary File Upload (CVE-2025-15226)


  • Content Description:
    • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center Security Alert TWCERTCC-200-202512-00000016
    • [SUN NET | WMPro - Arbitrary File Upload] (CVE-2025-15226, CVSS: 9.8) WMPro contains an Arbitrary File Upload vulnerability. A remote unauthenticated attacker can upload and execute web shell programs, thereby executing arbitrary code on the server side.
  • Affected Platforms:
    • WMPro versions 5.0 to 5.2
  • Recommended Actions:
    • Contact the vendor to install patches and adjust system settings.
  • Reference Material:
    1. https://www.twcert.org.tw/tw/cp-132-10602-c1c69-1.html

Computer and Communication Center
Network Systems Division, Respectfully