aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ asynchronized message process. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary system commands to perform arbitrary system operation or disrupt service.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAenrich A\+hrd
APPAenrich6.8.1039v844
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Deserialization
CWE
Related vulnerabilities
CVE-2025-12870CRITICAL9.3PL ✓ten sam produkt
Authentication Abuse w aEnrich a+HRD — przejęcie tokenu administratora
CVE-2025-12871CRITICAL9.3PL ✓ten sam produkt
Aenrich A+HRD – obejście uwierzytelnienia przez fałszywe tokeny administratora
CVE-2025-0585CRITICAL9.8PL ✓ten sam produkt
SQL Injection w Aenrich A+HRD — nieuwierzytelniony zdalny dostęp do bazy danych
CVE-2023-20852CRITICAL9.8ten sam produkt
aEnrich Technology a+HRD has a vulnerability of Deserialization of Untrusted Data within its MSMQ interpreter....
CVE-2022-39041CRITICAL9.8ten sam produkt
aEnrich a+HRD has insufficient user input validation for specific API parameter. An unauthenticated remote att...