CVE-2022-39023

U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file.
References
Link Resource
https://www.twcert.org.tw/tw/cp-132-6638-08596-1.html Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:edetw:u-office_force:*:*:*:*:*:*:*:*

Information

Published : 2022-10-31 00:15

Updated : 2022-10-31 10:46


NVD link : CVE-2022-39023

Mitre link : CVE-2022-39023


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

edetw

  • u-office_force