A vulnerability described as critical has been identified in Hanwang e-Face General Management Platform 6.3.5.4 . This issue affects some unknown processing of the file /manage/resourceUpload/upload.do . Executing a manipulation of the argument File can lead to unrestricted upload. The identification of this vulnerability is CVE-2026-13547 . The attack may be launched remotely. Furthermore, there is an exploit available.