轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202607-00000004
[內容說明]
【博格資訊管理顧問|ERP App - Use of Hard-coded Credentials 】(CVE-2026-14807,CVSS:9.8) 博格資訊管理顧問開發之ERP App存在 Use of Hard-coded Credentials漏洞,未經身分鑑別之遠端攻擊者可於程式碼中取得資料庫帳號與通行碼。
[影響平台]
ERP App
[建議措施]
聯繫廠商進行修補
[參考資料]
1. https://www.twcert.org.tw/tw/cp-132-11023-3abe8-1.html
Forwarded Taiwan Computer Emergency Response Team / Coordination Center Security Advisory Alert TWCERTCC-200-202607-00000004
[Description]
【Boger Information Management Consulting|ERP App - Use of Hard-coded Credentials 】(CVE-2026-14807,CVSS:9.8) The ERP App developed by Boger Information Management Consulting has a Use of Hard-coded Credentials vulnerability. Unauthenticated remote attackers can obtain database account credentials and passwords from the program code.
[Affected Platform]
ERP App
[Recommendations]
Contact the vendor for remediation
[References]
1.https://www.twcert.org.tw/tw/cp-132-11023-3abe8-1.html