← voltar
CVE-2025-12870

aEnrich|eHRD - Authentication Abuse

CVSS 9.3 CRITICALEPSS 0.6%CWE-1390
The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to send crafted packets to obtain administrator access tokens and use them to access the system with elevated privileges.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
aEnrich · a+HRD

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.chtsecurity.com/news/b97e8337-6b0c-43e8-8e8c-187b7c0e13c2https://www.twcert.org.tw/en/cp-139-10487-12a32-2.htmlhttps://www.twcert.org.tw/tw/cp-132-10486-a3459-1.html