aEnrich a+HRD has inadequate filtering for special characters in URLs. An unauthenticated remote attacker can bypass authentication and perform path traversal attacks to access arbitrary files under website root directory.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-5969-a5d4a-1.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2022-03-31T00:00:00
Updated: 2022-04-07T18:22:42
Reserved: 2022-03-08T00:00:00
Link: CVE-2022-26675
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-04-07T19:15:09.060
Modified: 2022-04-14T19:00:02.410
Link: CVE-2022-26675
JSON object: View
Redhat Information
No data.
CWE