8.8

CVE-2022-24688

Exploit

EPSS 3.92%
Veröffentlicht 18.07.2022 13:15:09
Zuletzt bearbeitet 21.11.2024 06:50:52
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

An issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload (and consequently Remote Code Execution) via PDF upload with PHP content and a .php extension. The attacker must hijack or obtain privileged user access to the Parameters page in order to exploit this issue. (That can be easily achieved by exploiting the Broken Access Control with further Brute-force attack or SQL Injection.) The uploaded file is stored within the database and copied to the sync web folder if the attacker visits a certain .php?action= page.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dsk ≫ Dsknet Version2.16.136.0

Dsk ≫ Dsknet Version2.17.136.5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	3.92%	0.878

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://dsk.lu/fr/produits/temps-de-presence

Vendor Advisory

https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2022-24688-92.pdf

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2022-24688

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-24688

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-24688

EUVD