CVE-2021-22858

Summary

Attackers can access the CGE account management function without privilege for permission elevation and execute arbitrary commands or files after obtaining user permissions.

Affected Software

VendorProductVersion RangeStatus
ChanGate EnterPrise Co., Ltdproperty management system0 <= 1.00affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References