CVE-2022-26675

aEnrich a+HRD has inadequate filtering for special characters in URLs. An unauthenticated remote attacker can bypass authentication and perform path traversal attacks to access arbitrary files under website root directory.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-5969-a5d4a-1.html Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:aenrich:a+hrd:6.8:*:*:*:*:*:*:*

Information

Published : 2022-04-07 07:15

Updated : 2022-04-14 07:00


NVD link : CVE-2022-26675

Mitre link : CVE-2022-26675

Products Affected
No products.
CWE