POSTING DATE: 2026/01/29
[VULNERABILITY ALERT] Hamasys | MeetingHub Paperless Meeting - Arbitrary File Upload Vulnerability
- Subject: [VULNERABILITY ALERT] Hamasys | MeetingHub Paperless Meeting - Arbitrary File Upload Vulnerability
- Content Description:
- Forwarded from Taiwan Computer Emergency Response Team/Coordination Center (TWCERTCC) Security Alert TWCERTCC-200-202601-00000021
- [Hamasys | MeetingHub Paperless Meeting - Arbitrary File Upload] (CVE-2026-1331, CVSS: 9.8) MeetingHub Paperless Meeting contains an Arbitrary File Upload vulnerability. An unauthenticated remote attacker can upload and execute web backdoors, thereby executing arbitrary code on the server side.
- Affected Platforms:
- MeetingHub (requires installation of the Check-in/Check-out module)
- Recommended Actions:
- Install patch version 20251210 (inclusive) or later.
- Reference Material:
Computer and Communication Center
Network Systems Division, Respectfully
