CVE-2022-28113

An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:fantec:mwid25-ds_firmware:2.000.030:*:*:*:*:*:*:*
cpe:2.3:h:fantec:mwid25-ds:-:*:*:*:*:*:*:*

Information

Published : 2022-04-15 12:15

Updated : 2022-04-25 11:49


NVD link : CVE-2022-28113

Mitre link : CVE-2022-28113


JSON object : View

CWE
CWE-565

Reliance on Cookies without Validation and Integrity Checking

Advertisement

dedicated server usa

Products Affected

fantec

  • mwid25-ds_firmware
  • mwid25-ds