Skip to main content

Hospital Quering Management

1 CVEs product

Monthly

CVE-2026-14162 CRITICAL PATCH Act Now

Sensitive data exposure in Advantech Hospital Queuing Management lets unauthenticated remote attackers reach a specific URL and retrieve the application's API documentation, mapping out endpoints and parameters without any credentials. The flaw is rooted in missing authentication (CWE-306) on a resource that should be protected, and TWCERT rates it CVSS 4.0 9.3 (Critical). No public exploit is identified at time of analysis, but the exposed API documentation provides reconnaissance that materially lowers the barrier to follow-on attacks.

Authentication Bypass Information Disclosure Hospital Quering Management
NVD VulDB
CVSS 4.0
9.3
EPSS
0.5%
EPSS 0% CVSS 9.3
CRITICAL PATCH Act Now

Sensitive data exposure in Advantech Hospital Queuing Management lets unauthenticated remote attackers reach a specific URL and retrieve the application's API documentation, mapping out endpoints and parameters without any credentials. The flaw is rooted in missing authentication (CWE-306) on a resource that should be protected, and TWCERT rates it CVSS 4.0 9.3 (Critical). No public exploit is identified at time of analysis, but the exposed API documentation provides reconnaissance that materially lowers the barrier to follow-on attacks.

Authentication Bypass Information Disclosure Hospital Quering Management
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy