OMICARD EDM’s mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to by-pass authentication and access arbitrary system files.
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-6374-1c6c9-1.html | Third Party Advisory |
https://www.chtsecurity.com/news/48032532-b2de-401c-97a8-a2be5691988f | Third Party Advisory |
Configurations
Information
Published : 2022-08-04 03:15
Updated : 2022-10-25 19:50
NVD link : CVE-2022-35216
Mitre link : CVE-2022-35216
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
omicard_edm_project
- omicard_edm