【Vulnerability Alert】InterNet｜DreamMaker - Arbitrary File Upload

• Subject: 【Vulnerability Alert】InterNet｜DreamMaker - Arbitrary File Upload

• Description:
  • Forwarding Taiwan Computer Emergency Response Team / Coordination Center (TWCERT/CC) Cybersecurity Alert TWCERTCC-200-202606-00000004
  • 【InterNet｜DreamMaker - Arbitrary File Upload】(CVE-2026-10071, CVSS: 9.8) An unauthenticated remote attacker can upload and execute a web backdoor, allowing them to execute arbitrary code on the server.
• Affected Platforms:
  • DreamMaker Java Composer version 2.2 and prior
• Recommended Actions:
  • Update to Java Composer version 2.3 or later

Computer and Communication Center
Network Systems Division