On June 26, 2019, Alibaba Cloud Security detected a remote command execution vulnerability in Seeyon office automation (OA) system. The htmlofficeservlet interface of Seeyon OA system has a vulnerability in processing specific requests. Attackers may send specially crafted HTTP requests to exploit the vulnerability and execute arbitrary commands on the target server. This is a high-risk vulnerability. Alibaba Cloud Security has figured out how this 0-day vulnerability is exploited.

On June 27, 2019, Cloud Firewall released a virtual patch to address this vulnerability. We recommend that you enable virtual patches (enabled by default when the Cloud Firewall service is activated) and traffic control mode for protection. Seeyon has released an official security patch. Users can contact Seeyon for system updates.

Impacted system: Seeyon OA system

Policy: command execution

Risk level: high

Policy-based protection: A virtual patch is available in the Cloud Firewall console to address this vulnerability.