CVE-2022-50689

Exploit

EPSS 0.02%
Veröffentlicht 22.12.2025 21:35:26
Zuletzt bearbeitet 31.12.2025 17:53:24
Quelle disclosure@vulncheck.com
CVE-Watchlists
Login
Unerledigt
Login

Cobian Reflector 0.9.93 RC1 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the password input field. Attackers can paste a large 8000-byte buffer into the password field to trigger an application crash during SFTP task configuration.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cobiansoft ≫ Reflector Version0.9.93 Updaterc1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.031

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
disclosure@vulncheck.com	6.9	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
disclosure@vulncheck.com	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

https://www.cobiansoft.com/

Product

https://www.exploit-db.com/exploits/50789

Third Party Advisory

Exploit

https://www.vulncheck.com/advisories/cobian-reflector-rc-local-denial-of-service-via-password-field

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2022-50689

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2022-50689

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2022-50689

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2022-50689