exploitDog

CVE-2022-46733

Опубликовано: 18 янв. 2023

Источник: nvd

CVSS3: 6.3

CVSS3: 9.6

EPSS Низкий

Описание

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands.

Ссылки

https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01
Third Party Advisory
US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01
Third Party Advisory
US Government Resource

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:sewio:real-time_location_system_studio:*:*:*:*:*:*:*:*

Версия от 2.0.0 (включая) до 2.6.2 (включая)

EPSS

Процентиль: 61%

0.00419

Низкий

6.3 Medium

CVSS3

9.6 Critical

CVSS3

Дефекты

CWE-79

CWE-79

Связанные уязвимости

GHSA-9hv8-pfv2-wqfp

CVSS3: 9.6

github

больше 2 лет назад

Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site scripting in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary commands.

EPSS

Процентиль: 61%

0.00419

Низкий

6.3 Medium

CVSS3

9.6 Critical

CVSS3

Дефекты

CWE-79

CWE-79