Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ERP solution Remote Code Execution Vulnerability
Vulnerability Description
A specific file on the sERP server if Kyungrinara(ERP solution) has a fixed password with the SYSTEM authority. This vulnerability could allow attackers to leak or steal sensitive information or execute malicious commands.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
使用硬编码的凭证
Vulnerability Title
sERP Server 信任管理问题漏洞
Vulnerability Description
sERP Server是韩国sERP公司的一款企业管理应用程序。 sERP Server 2.0 20.2.170之前版本存在安全漏洞,该漏洞源于如果Kyungrinara具有SYSTEM权限的固定密码,可能允许攻击者泄露/窃取敏感信息或者执行恶意命令。
CVSS Information
N/A
Vulnerability Type
N/A