CNNVD-202508-2816 Information

CNNVD ID

CNNVD-202508-2816

Related CVE

CVE-2025-9254

• CNNVD Published: 2025-08-22

Description (Chinese)

WebITR是中国台湾WebITR公司的一款差勤系统。 WebITR存在访问控制错误漏洞，该漏洞源于缺少身份验证，可能导致未经验证的远程攻击者以任意用户身份登录系统。

Description (English)

WebITR is a travel system of WebITr, Taiwan, China. WebITR has a access control error loophole, which stems from a lack of identification, which may result in uncertified remote assailants entering the system as an arbitrary user.

Hazard Level

Low

Vulnerability Type

访问控制错误

Affected Vendor

WebITR

Published

2025-08-22

Last Modified

2026-02-24

References

https://www.twcert.org.tw/tw/cp-132-10328-dbc35-1.html https://www.twcert.org.tw/en/cp-139-10329-a1c5d-2.html https://nvd.nist.gov/vuln/detail/CVE-2025-9254