go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

aEnrich a+HRD - Path Traversal

TVN ID TVN-202210020
CVE ID CVE-2022-39040
CVSS 7.5 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected Products aEnrich a+HRD v6.8 & v7.0
Description aEnrich a+HRD log read function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download system files.
Solution Contact tech support from aEnrich
Credit Cyku Hong、Kun Xian Lin (DEVCORE)
Public Date 2022-12-14
Top