Vulnerability Details CVE-2022-39039
aEnrich’s a+HRD has inadequate filtering for a specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) requests to launch a Server-Side Request Forgery (SSRF) attack, to perform arbitrary system commands or disrupt service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 73.4%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2022-39039
- cpe:2.3:a:aenrich:a+hrd:6.8
- cpe:2.3:a:aenrich:a+hrd:7.0