Sunnet eHRD is a talent management system from SunChat Technology, Taiwan, China. The system supports talent management and performance management, etc. Sunnet eHRD has an access control error vulnerability, which can be exploited by an attacker to access the account management page after authenticating as a normal user, and then perform privilege escalation, execute arbitrary code, control the system or interrupt the service.