Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

SUNNET — Vulnerabilities & Security Advisories 22

Browse all 22 CVE security advisories affecting SUNNET. AI-powered Chinese analysis, POCs, and references for each vulnerability.

SUNNET primarily provides network management and monitoring solutions for enterprise infrastructure, enabling administrators to track device performance and connectivity. Security audits have identified twenty-two distinct Common Vulnerabilities and Exposures (CVEs) associated with its software suite, highlighting significant risks in production environments. Historically, these flaws predominantly involve remote code execution and cross-site scripting, allowing attackers to compromise system integrity or steal sensitive data. Additionally, several incidents demonstrate critical privilege escalation vulnerabilities, where unauthenticated users can gain administrative control over the network management interface. These security characteristics suggest a pattern of insufficient input validation and weak access controls within the application architecture. While specific major public breaches remain limited in scope, the cumulative impact of these vulnerabilities poses a substantial threat to organizational security postures, necessitating immediate patching and rigorous vulnerability management strategies to mitigate potential exploitation by malicious actors targeting network infrastructure.

Top products by SUNNET: eHRD CTMS eHRD WMPro CTMS
CVE IDTitleCVSSSeverityPublished
CVE-2026-7490 Sunnet|CTMS and CPAS - Arbitrary File Upload — CTMSCWE-434 7.2 High2026-05-02
CVE-2026-7489 Sunnet|CTMS - SQL Injection — CTMSCWE-89 8.8 High2026-05-02
CVE-2025-15226 Sunnet|WMPro - Arbitrary File Upload — WMProCWE-434 9.8 Critical2025-12-29
CVE-2025-15225 Sunnet|WMPro - Arbitrary File Read — WMProCWE-23 7.5 High2025-12-29
CVE-2025-9570 Sunnet|eHRD CTMS - Arbitrary File Reading through Path Traversal — eHRD CTMSCWE-23 4.9 Medium2025-09-01
CVE-2025-9569 Sunnet|eHRD CTMS - Reflected Cross-site Scripting — eHRD CTMSCWE-79 6.1 Medium2025-09-01
CVE-2025-9568 Sunnet|eHRD CTMS - Reflected Cross-site Scripting — eHRD CTMSCWE-79 6.1 Medium2025-09-01
CVE-2025-9567 Sunnet|eHRD CTMS - Reflected Cross-site Scripting — eHRD CTMSCWE-79 6.1 Medium2025-09-01
CVE-2025-3707 Sunnet eHRD CTMS - SQL Injection — eHRD CTMSCWE-89 6.5 Medium2025-05-02
CVE-2024-10440 Sunnet eHRD CTMS - SQL Injection — eHRD CTMSCWE-89 9.8 Critical2024-10-28
CVE-2024-10439 Sunnet eHRD CTMS - Insecure Direct Object Reference — eHRD CTMSCWE-639 5.3 Medium2024-10-28
CVE-2024-10438 Sunnet eHRD CTMS - Authentication Bypass — eHRD CTMSCWE-288 7.5 High2024-10-28
CVE-2023-35851 SUNNET WMPro - SQL Injection — WMProCWE-89 7.5 High2023-09-18
CVE-2023-35850 SUNNET WMPro - Command Injection — WMProCWE-78 7.2 High2023-09-18
CVE-2023-24836 SUNNET CTMS - Path Traversal — CTMSCWE-22 8.8 High2023-04-27
CVE-2021-43360 Sunnet eHRD - Insecure Deserialization — eHRDCWE-502 8.8 High2021-12-01
CVE-2021-43359 Sunnet eHRD - Broken Access Control — eHRDCWE-732 8.8 High2021-12-01
CVE-2021-43358 Sunnet eHRD - Path Traversal — eHRDCWE-22 7.5 High2021-12-01
CVE-2020-10510 Sunnet eHRD - Broken Access Control — eHRD 8.1 High2020-03-27
CVE-2020-10509 Sunnet eHRD - Cross-Site Scripting — eHRDCWE-79 6.1 Medium2020-03-27
CVE-2020-10508 Sunnet eHRD - Sensitive Data Exposure — eHRD 7.5 High2020-03-27
CVE-2019-11062 SUNNET WMPro v5.0 and v5.1 has OS Command Injection — WMProCWE-78 9.8 -2019-07-11

This page lists every published CVE security advisory associated with SUNNET. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.