← volver
CVE-2026-8242

Industrial Application Software IAS Canias ERP Login RMI doAction response discrepancy

CVSS 6.3 MEDIUMEPSS 0.3%CWE-203CWE-204
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high degree of complexity is needed for the attack. The exploitability is regarded as difficult. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Productos afectados
Industrial Application Software IAS · Canias ERP
PoCs públicas encontradas1
cve_referencegist.github.com/0xb1lal/85422a63c10a001c75a22365457de624no verificado
⚠ Recursos públicos, para evaluar la exposición de sistemas que controlas o estás autorizado a probar. Prueba solo con autorización.

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://gist.github.com/0xb1lal/85422a63c10a001c75a22365457de624https://hawktrace.com/blog/caniaserphttps://vuldb.com/submit/808295https://vuldb.com/vuln/362458https://vuldb.com/vuln/362458/cti