CRITICAL🇬🇧 English

CVE-2022-34822

CVSS 9.8v3.1pub. 2022-11-08upd. 2025-05-02

Path traversal vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Nec Expresscluster X

    APP
    Nec
    ≤ 5.0
  • Nec Expresscluster X Singleserversafe

    APP
    Nec
    ≤ 5.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
RCEPath TraversalAuth Bypass
CWE
Referencje

Powiązane podatności

CVE-2022-34825CRITICAL9.8ten sam produkt

Uncontrolled Search Path Element in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows...

CVE-2022-34824CRITICAL9.8ten sam produkt

Weak File and Folder Permissions vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5...

CVE-2022-34823CRITICAL9.8ten sam produkt

Buffer overflow vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows an...

CVE-2021-20700CRITICAL9.8ten sam produkt

Buffer overflow vulnerability in the Disk Agent CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUSTER X 4.3...

CVE-2021-20702CRITICAL9.8ten sam produkt

Buffer overflow vulnerability in the Transaction Server CLUSTERPRO X 4.3 for Windows and earlier, EXPRESSCLUST...