| タイトル | Acrel Electrical Co., Ltd. Prepaid Cloud Platform v 1.0 Information Disclosure |
|---|
| 説明 | Ankerui Electric Co., Ltd.'s prepaid cloud platform has an unauthorized information leakage vulnerability. An attacker can obtain sensitive information within the platform without authentication by accessing specific interfaces of the platform or unprotected backup files. After analysis, the leaked content includes core configuration information such as intranet server IP addresses, database connection accounts and passwords, which can be used by attackers to directly access business databases without authorization, and then read, tamper with or delete key business data such as user payment records and account information. It also provides an entry point for further attacks such as intranet penetration and lateral movement, seriously threatening user data security and platform business continuity. |
|---|
| ソース | ⚠️ https://github.com/3223892355/CVE/blob/main/001/report.md |
|---|
| ユーザー | 3108109544 (UID 96464) |
|---|
| 送信 | 2026年03月21日 06:10 (28 日 ago) |
|---|
| モデレーション | 2026年04月05日 15:21 (15 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 355393 [Acrel Electrical Prepaid Cloud Platform 1.0 Backup File /bin.rar 情報漏えい] |
|---|
| ポイント | 20 |
|---|