제출 #800792: PicoTronica e-Clinic Healthcare System (ECHS) v5.7 Improper Privilege Management정보

제목PicoTronica e-Clinic Healthcare System (ECHS) v5.7 Improper Privilege Management
설명In e-Clinic Healthcare System (ECHS) v5.7, a privileged administrative credential is embedded in a client-side JavaScript file at `/cdemos/echs/priv/echs.js` and is used as authentication material via an `X-Admin-Key` request header. The JavaScript (and embedded key) can be retrieved over HTTP(S), and the administrative key can be extracted and then used remotely in HTTP(S) requests to enable unauthorized use of administrative functionality
원천⚠️ https://docs.google.com/document/d/1w1veNs8I3nxsVxbSiIgJmt-4S5a0rW0bvjDvEe7iDr0/edit?usp=sharing
사용자
 Anonymous User
제출2026. 04. 09. AM 07:30 (2 개월 ago)
모더레이션2026. 05. 06. PM 02:17 (27 days later)
상태수락
VulDB 항목361358 [PicoTronica e-Clinic Healthcare System ECHS 5.7 echs.js ADMIN_KEY 약한 인증]
포인트들20

이전개요다음

Do you need the next level of professionalism?

Upgrade your account now!