CNNVD-202602-1167 Information

CNNVD ID

CNNVD-202602-1167

Related CVE

CVE-2020-37135

• CNNVD Published: 2026-02-07

Description (Chinese)

AMSS++是Amssplus的一个办公管理支持系统的工具。 AMSS++ 4.7版本存在信任管理问题漏洞，该漏洞源于存在硬编码凭证，可能导致攻击者绕过身份验证访问管理员账户。

Description (English)

AMSS++ is a tool for an office management support system in Amsplus. There is a trust management gap in the AMSS++ 4.7 version, which stems from the existence of hard-coded vouchers, which could lead the attackers to bypass the identification access administrator accounts.

Hazard Level

Medium

Vulnerability Type

信任管理问题

Affected Vendor

Amssplus

Published

2026-02-07

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/48114 https://www.vulncheck.com/advisories/amss-backdoor-admin-account