Lucene search
China National Vulnerability DatabaseCNVD-2022-22248HistoryMar 14, 2022 - 12:00 a.m.
FreeTAKServer Access Control Error Vulnerability
2022-03-1400:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
44.4%
FreeTAKServer is an open source lightweight server from the FreeTAKTeam team. It is used to connect to TAK clients. FreeTAKServer suffers from an access control error vulnerability, which stems from the fact that Endpoint/ManageRoute/postRoute can be accessed without authentication, and can be exploited by an attacker to cause a denial of service via an unusually large number of routes created.
| CPE | Name | Operator | Version |
|---|---|---|---|
| freetakteam freetakserver | eq | 1.9.8 |
Related
cvelist
cvelist
CVE-2022-25508
2022-03-10 23:35:38
osv
osv
PYSEC-2022-43054
2022-03-11 00:15:00
CVE-2022-25508
2022-03-11 00:15:08
Improper Authentication in FreeTAKServer
2022-03-12 00:00:37
github
github
Improper Authentication in FreeTAKServer
2022-03-12 00:00:37
cve
cve
CVE-2022-25508
2022-03-11 00:15:08
veracode
veracode
Denial Of Service (DoS)
2022-03-14 07:29:17
nvd
nvd
CVE-2022-25508
2022-03-11 00:15:08
gitlab
gitlab
Improper Authentication in FreeTAKServer
2022-03-12 00:00:00
prion
prion
Design/Logic Flaw
2022-03-11 00:15:00