Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2022-39039

aEnrich’s a+HRD has inadequate filtering for specific URL parameter. An unauthenticated remote attacker can exploit this vulnerability to send arbitrary HTTP(s) request to launch Server-Side Request Forgery (SSRF) attack, to perform arbitrary system command or disrupt service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 73.4%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2022-39039
  • Aenrich » A+hrd » Version: 6.8
    cpe:2.3:a:aenrich:a+hrd:6.8
  • Aenrich » A+hrd » Version: 7.0
    cpe:2.3:a:aenrich:a+hrd:7.0


Contact Us

Shodan ® - All rights reserved