Inadequate Privilege Restrictions in aEnrich a+HRD: Remote Code Execution Vulnerability
CVE-2022-26676 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
aEnrich a+HRD has inadequate privilege restrictions, an unauthenticated remote attacker can use the API function to upload and execute malicious scripts to control the system or disrupt service.
Learn more about our Api Penetration Testing.