CHT Security Red Team Discovered a Vulnerability in a Well-Known Official Document Management System.

Summary

CHT Security Red team discovered a vulnerability in a well-known Taiwanese electronic official document management system, which contains a failure in the authentication mechanism that could lead to sensitive data leakage.

Detail

CVE-2025-XXXX: A vulnerability has been discovered in the electronic official document management system (version <= 5.0.89.2), which involves a failure in the authentication mechanism. Attackers can bypass the system's authentication by modifying request packets, allowing access to the information of currently logged-in users, thereby gaining access to the system. This vulnerability is classified under OWASP Top10 A07:2021 - Identification and Authentication Failures.

Version 

Version <= 5.0.89.2

Credits

Sam Huang (CHT Security)