CVE-2026-14737
EUVD-2026-4174505.07.2026, 11:16
A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument order leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
Awaiting analysis
This vulnerability is currently awaiting analysis.