CVE-2022-46733

  1. Reconshell
  2. Vulnerabilities (CVE)
  3. CVE-2022-46733
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands.

9.6 /10

CVSS v3.0 : CRITICAL

V3 Legend

Vector :

Exploitability : 2.8 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References
Link Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01 Third Party Advisory US Government Resource
Advertisement

NeevaHost hosting service
Configurations

Configuration 1 (hide)

cpe:2.3:a:sewio:real-time_location_system_studio:*:*:*:*:*:*:*:*
Information

Published : 2023-01-17 17:15

Updated : 2023-01-26 05:19

NVD link : CVE-2022-46733

Mitre link : CVE-2022-46733

JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa
Products Affected

sewio

  • real-time_location_system_studio