[VULNERABILITY ALERT] Hamasys | MeetingHub Paperless Meeting - Arbitrary File Upload Vulnerability

• Subject: [VULNERABILITY ALERT] Hamasys | MeetingHub Paperless Meeting - Arbitrary File Upload Vulnerability

• Content Description:
  • Forwarded from Taiwan Computer Emergency Response Team/Coordination Center (TWCERTCC) Security Alert TWCERTCC-200-202601-00000021
  • [Hamasys | MeetingHub Paperless Meeting - Arbitrary File Upload] (CVE-2026-1331, CVSS: 9.8) MeetingHub Paperless Meeting contains an Arbitrary File Upload vulnerability. An unauthenticated remote attacker can upload and execute web backdoors, thereby executing arbitrary code on the server side.
• Affected Platforms:
  • MeetingHub (requires installation of the Check-in/Check-out module)
• Recommended Actions:
  • Install patch version 20251210 (inclusive) or later.
• Reference Material:
  1. https://www.twcert.org.tw/tw/cp-132-10650-a5ee9-1.html

Computer and Communication Center
Network Systems Division, Respectfully