CHT Security Red Team Discovered a Vulnerability in a Well-Known Official Document Management System.

Summary 
CHT Security Red team discovered a vulnerability in a well-known Taiwanese electronic official document management system, which contains a failure in the authentication mechanism that could lead to sensitive data leakage.

Detail
A vulnerability has been discovered in the electronic official document management system (version < 5.0.86.9), which involves a failure in the authentication mechanism. Attackers can bypass the system's authentication by modifying request packets, allowing access to the information of currently logged-in users, thereby gaining access to the system. This vulnerability is classified under OWASP Top10 A07:2021 - Identification and Authentication Failures.  

Version   
Version < 5.0.86.9

Credits 
Sam Huang (CHT Security)

LiYu Hung(CHT Security)