ГлавнаяУязвимости → CVE-2025-12871
9.8критическая

CVE-2025-12871

Описание

The a+HRD developed by aEnrich has an Authentication Abuse vulnerability, allowing unauthenticated remote attackers to craft administrator access tokens and use them to access the system with elevated privileges.

Затрагиваемое ПО
Aenrich A\+hrd
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://www.twcert.org.tw/en/cp-139-10487-12a32-2.htmlhttps://www.twcert.org.tw/tw/cp-132-10486-a3459-1.htmlhttps://www.chtsecurity.com/news/b97e8337-6b0c-43e8-8e8c-187b7c0e13c2