Forwarded from Taiwan Computer Network Crisis Management and Coordination Center (TWCERTCC-200-202508-00000005)

[Description]
[2100 Technology | Official Document Management System - Authentication Bypass] (CVE-2025-8853, CVSS: 9.8) The official document management system developed by 2100 Technology contains an authentication bypass vulnerability. An unauthenticated remote attacker can bypass restrictions and obtain the connection token of any user, then use the obtained token to log into the system as that user.

[Affected Platforms]
Official Document Management System versions 5.0.89.0, 5.0.89.1, and 5.0.89.2

[Recommended Action]
Update to version 5.0.90 or later.

[References]
1. https://www.twcert.org.tw/tw/cp-132-10319-adc18-1.html