Skip to main content
CVE-2021-22860 CRITICAL Act Now

EIC e-document system does not perform completed identity verification for sorting and filtering personnel data. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass E Document System
NVD GitHub
CVSS 3.1
9.8
EPSS
2.6%
CVE-2021-22859 CRITICAL Act Now

The users’ data querying function of EIC e-document system does not filter the special characters which resulted in remote attackers can inject SQL syntax and execute arbitrary commands without. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi E Document System
NVD GitHub
CVSS 3.1
9.8
EPSS
3.8%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy