CVE-2022-26676

aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-5970-2f405-1.html Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:aenrich:a\+hrd:6.8:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-04-07 19:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-26676

Mitre link : CVE-2022-26676

CVE.ORG link : CVE-2022-26676


JSON object : View

Products Affected

aenrich

  • a\+hrd
CWE
CWE-863

Incorrect Authorization

CWE-269

Improper Privilege Management