cbcvebase.
CVE-2012-1828
published 2012-06-13

CVE-2012-1828: The administrative functions in AutoFORM PDM Archive before 7.1 do not have authorization requirements, which allows remote authenticated users to perform…

PriorityP431medium6.5CVSS 2.0
AVNACLAuSCPIPAP
EPSS
1.57%
72.4th percentile
The administrative functions in AutoFORM PDM Archive before 7.1 do not have authorization requirements, which allows remote authenticated users to perform administrative actions by leveraging knowledge of a hidden function, as demonstrated by the password-change function.

Affected

4 ranges
VendorProductVersion rangeFixed in
efstechnologyautoform_pdm_archive<= 7.0
efstechnologyautoform_pdm_archive<= 6.920
efstechnologyautoform_pdm_archive
efstechnologyautoform_pdm_archive

CVSS provenance

nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
vulncheck6.5MEDIUM
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.