← volver
CVE-2022-39042

aEnrich a+HRD - Improper Authentication

CVSS 9.8 CRITICALEPSS 1.5%CWE-287
aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Productos afectados
aEnrich · a+HRD

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.twcert.org.tw/tw/cp-132-6795-f7fe6-1.html