CHANGING Mobile One Time Password's uploading function in a hidden page does not filter file type properly. Remote attackers with administrator privilege can exploit this vulnerability to upload and run malicious file to execute system commands.

CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the system.

ChangingTec MOTP system has a path traversal vulnerability. A remote attacker with administrator’s privilege can exploit this vulnerability to access arbitrary system files.

ChangingTech MegaServiSignAdapter component has a vulnerability of Out-of-bounds Read due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupts partial services.

ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.

ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files.

ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers the component to load malicious DLL files under arbitrary file path and allows the attacker to perform arbitrary system operation and disrupt of service.

ChangingTec ServiSign component has a path traversal vulnerability. An unauthenticated LAN attacker can exploit this vulnerability to bypass authentication and access arbitrary system files.

ChangingTec ServiSign component has insufficient filtering for special characters in the connection response parameter. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers command injection and allows the attacker to execute arbitrary system command to perform arbitrary system operation or disrupt service.

RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files.