All 5 CVE vulnerabilities found in IRM Next Generation, with AI-generated Chinese analysis, references, and POCs.
Vendor: Resort Data Processing, Inc.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-39424 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in RDPngFileUpload.dll CWE-74 | 9.9 | Critical | 2023-09-07 |
| CVE-2023-39423 | Improper Neutralization of Special Elements used in an SQL Command in RDPData.dll CWE-89 | 8.6 | High | 2023-09-07 |
| CVE-2023-39422 | Use of Hard-coded Credentials in multiple /irmdata/api/ endpoints CWE-798 | 6.5 | Medium | 2023-09-07 |
| CVE-2023-39421 | Use of Hard-coded Credentials in RDPWin.dll CWE-798 | 7.7 | High | 2023-09-07 |
| CVE-2023-39420 | Use of Hard-coded Credentials in RDPCore.dll CWE-798 | 9.9 | Critical | 2023-09-07 |
All 5 known CVE vulnerabilities affecting IRM Next Generation with full Chinese analysis, references, and POCs where available.