Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-10438

The eHRD CTMS from Sunnet has an Authentication Bypass vulnerability, allowing unauthenticated remote attackers to bypass authentication by satisfying specific conditions in order to access certain functionalities.

Published

2024-10-28T03:15:02.423

Last Modified

2025-09-25T14:13:08.880

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Secondary
CWE-288

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	sun.net	ehrd_ctms	< 10.14	Yes

References

https://www.twcert.org.tw/en/cp-139-8165-7da2f-2.html Third Party Advisory ([email protected])
https://www.twcert.org.tw/tw/cp-132-8164-fe7c5-1.html Third Party Advisory ([email protected])