CVE-2025-0586

High CVSS: 7.2

The a+HRD from aEnrich Technology has an Insecure Deserialization vulnerability, allowing remote attackers with database modification privileges and regular system privileges to perform arbitrary code execution.

Vendor

Aenrich

Product

A\+hrd

CWE

CWE-502

Yayın Tarihi

2025-01-20 03:15:09

Güncelleme

2025-11-17 19:11:46

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-502 A\+hrd HIGH Aenrich 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-8375-59abd-2.html https://www.twcert.org.tw/tw/cp-132-8374-7085a-1.html

Benzer Kayıtlar

Medium

CVE-2025-12869

The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulnerability, allowing remote attackers with administr…

Critical

CVE-2025-12870

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to s…

Critical

CVE-2025-12871

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to c…

Medium

CVE-2025-0584

The a+HRD from aEnrich Technology has a Server-side Request Forgery, allowing unauthenticated remote attackers to exploi…

Critical

CVE-2025-0585

The a+HRD from aEnrich Technology has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject…

Medium

CVE-2025-0583

The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote at…