CNNVD-202508-1403 Information

CNNVD ID

CNNVD-202508-1403

Related CVE

CVE-2025-50594

• CNNVD Published: 2025-08-13

Description (Chinese)

Danphe Health Hospital Management System EMR是尼泊尔Danphe Health公司的一个医院管理系统。 Danphe Health Hospital Management System EMR 3.2版本存在安全漏洞，该漏洞源于/Settings/SecuritySettingsController.cs未正确验证权限，可能导致任意账户密码重置。

Description (English)

Dolphe Health Health Management System EMR is a hospital management system of the Nepalese company Danphe Health. The security loophole in version 3.2 of Danish Health Management System EMR, which arises from/Settings/SecuritySettingsController.cs ’ incorrect authentication permission, may lead to the resetting of any account password.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

Danphe Health

Published

2025-08-13

Last Modified

2026-02-24

References

https://www.aecyberpro.com/blog/general/2025-04-30-Account-Takeover-BOLA-Hospital-Management-System-EMR/ https://access.redhat.com/security/cve/cve-2025-50594