CVE-2022-44039

Exploit

EPSS 0.92%
Veröffentlicht 05.12.2022 21:15:10
Zuletzt bearbeitet 24.04.2025 14:15:39
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of "fopen" system function with the mode "wb" which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Franklinfueling ≫ Colibri Firmware Version1.9.22.8925

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.92%	0.753

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-863 Incorrect Authorization

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check.

https://pastebin.com/raw/64stbsWu

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2022-44039

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-44039

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-44039

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-44039