| Title | Acrel Electrical Co., Ltd. Prepaid Cloud Platform v 1.0 Information Disclosure |
|---|
| Description | Ankerui Electric Co., Ltd.'s prepaid cloud platform has an unauthorized information leakage vulnerability. An attacker can obtain sensitive information within the platform without authentication by accessing specific interfaces of the platform or unprotected backup files. After analysis, the leaked content includes core configuration information such as intranet server IP addresses, database connection accounts and passwords, which can be used by attackers to directly access business databases without authorization, and then read, tamper with or delete key business data such as user payment records and account information. It also provides an entry point for further attacks such as intranet penetration and lateral movement, seriously threatening user data security and platform business continuity. |
|---|
| Source | ⚠️ https://github.com/3223892355/CVE/blob/main/001/report.md |
|---|
| User | 3108109544 (UID 96464) |
|---|
| Submission | 03/21/2026 06:10 (16 days ago) |
|---|
| Moderation | 04/05/2026 15:21 (15 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 355393 [Acrel Electrical Prepaid Cloud Platform 1.0 Backup File /bin.rar information disclosure] |
|---|
| Points | 20 |
|---|