Canas ERP GETSERVERINFO Pre-Authentication Vulnerability Vulnerability Overview The Canas ERP system contains a pre-authentication vulnerability that allows attackers to retrieve sensitive server information via the interface without authentication. This vulnerability enables remote attackers to obtain critical information such as system version, startup time, Java version, operating system, and process ID. Affected Scope Canas ERP systems All unpatched pre-authentication interfaces Remediation Update the Canas ERP system to the latest version Implement authentication mechanisms for the interface Restrict the exposure of sensitive information POC Code