← back
CVE-2022-39042

aEnrich a+HRD - Improper Authentication

CVSS 9.8 CRITICALEPSS 1.5%CWE-287
aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
aEnrich · a+HRD

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.twcert.org.tw/tw/cp-132-6795-f7fe6-1.html