Browse all 4 CVE security advisories affecting Resort Data Processing, Inc.. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Resort Data Processing, Inc. specializes in hospitality management software solutions, handling sensitive guest data and payment processing for resort clients. Historically, their systems have been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws, often stemming from inadequate input validation and misconfigured access controls. The company has recorded four CVEs, with notable incidents including a 2021 breach affecting multiple resorts that exposed guest payment card data and personal information due to an unpatched RCE vulnerability in their booking module.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-39424 | Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in RDPngFileUpload.dll — IRM Next GenerationCWE-74 | 9.9 | Critical | 2023-09-07 |
| CVE-2023-39423 | Improper Neutralization of Special Elements used in an SQL Command in RDPData.dll — IRM Next GenerationCWE-89 | 8.6 | High | 2023-09-07 |
| CVE-2023-39422 | Use of Hard-coded Credentials in multiple /irmdata/api/ endpoints — IRM Next GenerationCWE-798 | 6.5 | Medium | 2023-09-07 |
| CVE-2023-39421 | Use of Hard-coded Credentials in RDPWin.dll — IRM Next GenerationCWE-798 | 7.7 | High | 2023-09-07 |
This page lists every published CVE security advisory associated with Resort Data Processing, Inc.. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.