CVE-2022-24637

🗓️ 18 Mar 2022 00:00:00Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 1 Media mentions👁 230 Views🌐 WEB

Open Web Analytics (OWA) <= 1.7.4 allows unauthenticated remote attacker to obtain sensitive user information and gain admin privileges

Reporter	Title	Published	Views	Family All 27
0day.today	Open Web Analytics 1.7.3 - Remote Code Execution Exploit	11 Nov 202200:00	–	zdt
0day.today	Open Web Analytics 1.7.3 Remote Code Execution Exploit	20 Mar 202300:00	–	zdt
GithubExploit	Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics	22 Aug 202316:25	–	githubexploit
GithubExploit	Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics	30 Aug 202217:31	–	githubexploit
GithubExploit	Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics	26 Mar 202313:11	–	githubexploit
GithubExploit	Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics	8 Oct 202221:12	–	githubexploit
GithubExploit	Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics	30 Aug 202216:38	–	githubexploit
GithubExploit	Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics	30 Aug 202217:31	–	githubexploit
GithubExploit	Exploit for Improper Privilege Management in Openwebanalytics Open_Web_Analytics	9 Mar 202310:40	–	githubexploit
ATTACKERKB	CVE-2022-24637	18 Mar 202216:15	–	attackerkb

NVD

Node

Source	Link
devel0pment	www.devel0pment.de/
packetstormsecurity	www.packetstormsecurity.com/files/169811/Open-Web-Analytics-1.7.3-Remote-Code-Execution.html
packetstormsecurity	www.packetstormsecurity.com/files/171389/Open-Web-Analytics-1.7.3-Remote-Code-Execution.html
github	www.github.com/Open-Web-Analytics/Open-Web-Analytics/releases/tag/1.7.4

Parameter	Position	Path	Description	CWE
owa_user_id	path	/index.php?owa_do=base.loginForm	Login form request used in exploit to establish session and perform further actions.	CWE-269
owa_password	path	/index.php?owa_do=base.loginForm	Login form request used in exploit to establish session and perform further actions.	CWE-269
owa_action	path	/index.php?owa_do=base.loginForm	Login form request used in exploit to establish session and perform further actions.	CWE-269
key	path	/owa-data/caches/{key}/owa_user/{filename}	Cache file access used to retrieve user data including temporary password.	CWE-269
filename	path	/owa-data/caches/{key}/owa_user/{filename}	Cache file access used to retrieve user data including temporary password.	CWE-269
owa_password	request body	/index.php?owa_do=base.usersPasswordEntry	Password reset flow that changes user's password using captured cache key.	CWE-269
owa_password2	request body	/index.php?owa_do=base.usersPasswordEntry	Password reset flow that changes user's password using captured cache key.	CWE-269
owa_k	request body	/index.php?owa_do=base.usersPasswordEntry	Password reset flow that changes user's password using captured cache key.	CWE-269
owa_action	request body	/index.php?owa_do=base.usersPasswordEntry	Password reset flow that changes user's password using captured cache key.	CWE-269
owa_user_id	request body	/index.php?owa_do=base.loginForm	Login request after password change to verify new credentials.	CWE-269

17 Jun 2026 04:32Current

9.4High risk

Vulners AI Score9.4

CVSS 25

CVSS 3.19.8

EPSS0.99134