CVE-2022-3301

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2022-3301
Improper Cleanup on Thrown Exception in GitHub repository ikus060/rdiffweb prior to 2.4.8.

2.4 /10

CVSS v3.0 : LOW

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://huntr.dev/bounties/d3bf1e5d-055a-44b8-8d60-54ab966ed63a Exploit Patch Third Party Advisory
https://github.com/ikus060/rdiffweb/commit/5ac38b2a75becbab9f948bd5e37ecbcd9f0b362e Patch Third Party Advisory
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:ikus-soft:rdiffweb:*:*:*:*:*:*:*:*
Information

Published : 2022-09-26 04:15

Updated : 2022-09-28 11:07

NVD link : CVE-2022-3301

Mitre link : CVE-2022-3301

JSON object : View

CWE
CWE-460

Improper Cleanup on Thrown Exception

Advertisement

dedicated server usa
Products Affected

ikus-soft

  • rdiffweb