Browse all 7 CVE security advisories affecting ChangingTec. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ChangingTec develops enterprise software for supply chain management, with a core use case of tracking inventory and logistics across distributed networks. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from insufficient input validation and misconfigured access controls. While no major public incidents have been documented, their 7 CVEs reveal consistent issues in authentication mechanisms and API security. The company's security posture suggests a need for improved secure coding practices, particularly in handling user-supplied data and implementing proper session management. Their vulnerabilities typically allow attackers to compromise system integrity or gain unauthorized access to sensitive supply chain data.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-39059 | ChangingTec MegaServiSignAdapter - Path Traversal — MegaServiSignAdapterCWE-22 | 7.5 | High | 2023-01-31 |
| CVE-2022-39060 | ChangingTec MegaServiSignAdapter - Improper Input Validation — MegaServiSignAdapterCWE-20 | 9.8 | Critical | 2023-01-31 |
| CVE-2022-39061 | ChangingTec MegaServiSignAdapter - Out-of-bounds Read — MegaServiSignAdapterCWE-125 | 6.5 | Medium | 2023-01-31 |
This page lists every published CVE security advisory associated with ChangingTec. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.