CVE-2025-0584

Medium CVSS: 5.3

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploit this vulnerability to probe internal network.

Vendor

Aenrich

Product

A\+hrd

CWE

CWE-918

Yayın Tarihi

2025-01-20 03:15:09

Güncelleme

2025-11-17 19:14:15

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-918 A\+hrd MEDIUM Aenrich 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-8371-1c17a-2.html https://www.twcert.org.tw/tw/cp-132-8370-58eb5-1.html

Benzer Kayıtlar

Medium

CVE-2025-12869

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administr…

Critical

CVE-2025-12870

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to s…

Critical

CVE-2025-12871

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to c…

Critical

CVE-2025-0585

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject…

High

CVE-2025-0586

The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database…

Medium

CVE-2025-0583

The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote at…