[VULNERABILITY ALERT] SUN NET | WMPro - Arbitrary File Upload (CVE-2025-15226)

• Subject: [VULNERABILITY ALERT] SUN NET | WMPro - Arbitrary File Upload (CVE-2025-15226)

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center Security Alert TWCERTCC-200-202512-00000016
  • [SUN NET | WMPro - Arbitrary File Upload] (CVE-2025-15226, CVSS: 9.8) WMPro contains an Arbitrary File Upload vulnerability. A remote unauthenticated attacker can upload and execute web shell programs, thereby executing arbitrary code on the server side.
• Affected Platforms:
  • WMPro versions 5.0 to 5.2
• Recommended Actions:
  • Contact the vendor to install patches and adjust system settings.
• Reference Material:
  1. https://www.twcert.org.tw/tw/cp-132-10602-c1c69-1.html

Computer and Communication Center
Network Systems Division, Respectfully