CVE-2022-1837

Опубликовано: 24 мая 2022

Источник: nvd

CVSS3: 4.7

CVSS3: 7.2

CVSS2: 6.5

EPSS Низкий

Описание

A vulnerability was found in Home Clean Services Management System 1.0. It has been rated as critical. Affected by this issue is register.php?link=registerand. The manipulation with the input leads to code execution. The attack may be launched remotely but demands an authentication. Exploit details have been disclosed to the public.

Ссылки

https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Home%20Clean%20Services%20Management%20System/HCS_add_register.php_File_Upload_Getshell.md
Exploit
Third Party Advisory
https://vuldb.com/?id.200582
Third Party Advisory
https://github.com/Xor-Gerke/webray.com.cn/blob/main/cve/Home%20Clean%20Services%20Management%20System/HCS_add_register.php_File_Upload_Getshell.md
Exploit
Third Party Advisory
https://vuldb.com/?id.200582
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:home_clean_services_management_system_project:home_clean_services_management_system:1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 74%

0.00852

Низкий

4.7 Medium

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434

Связанные уязвимости

GHSA-46fw-hr68-x354

CVSS3: 7.2

github

больше 3 лет назад

A vulnerability was found in Home Clean Services Management System 1.0. It has been rated as critical. Affected by this issue is register.php?link=registerand. The manipulation with the input <?php phpinfo();?> leads to code execution. The attack may be launched remotely but demands an authentication. Exploit details have been disclosed to the public.

EPSS

Процентиль: 74%

0.00852

Низкий

4.7 Medium

CVSS3

7.2 High

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-434