Improper Validation in aEnrich a+HRD Login Function Allows Unauthenticated Remote Attackers to Bypass Authentication and Execute Arbitrary Commands
CVE-2022-39042 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
aEnrich a+HRD has improper validation for login function. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access API function to perform arbitrary system command or disrupt service.
Learn more about our Api Penetration Testing.