← voltar
CVE-2025-2395

e-Excellence U-Office Force - Improper Authentication

CVSS 9.8 CRITICALEPSS 0.5%CWE-565
The U-Office Force from e-Excellence has an Improper Authentication vulnerability, allowing unauthenticated remote attackers to use a particular API and alter cookies to log in as an administrator.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
e-Excellence · U-Office Force

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://www.twcert.org.tw/en/cp-139-10012-d5bbc-2.htmlhttps://www.twcert.org.tw/tw/cp-132-10011-3de72-1.html