Lucene search
HistorySep 21, 2022 - 10:15 a.m.
CVE-2022-2872
cve-2022-2872
unrestricted upload
file upload
github
octoprint
nvd
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.6%
Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.
Affected configurations
Node
octoprintoctoprintRange<1.8.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| octoprint:octoprint | octoprint | lt | 1.8.3 |
CNA Affected
[
{
"product": "octoprint/octoprint",
"vendor": "octoprint",
"versions": [
{
"lessThan": "1.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
huntr
huntr
Unrestricted File Upload Allowed due to Flawed Move File Functionality
2022-08-15 20:09:29
github
github
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type
2022-09-22 00:00:32
nvd
nvd
CVE-2022-2872
2022-09-21 10:15:09
cvelist
cvelist
veracode
veracode
Arbitrary File Upload
2022-09-26 07:39:13
osv
osv
CVE-2022-2872
2022-09-21 10:15:09
PYSEC-2022-286
2022-09-21 10:15:00
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type
2022-09-22 00:00:32
prion
prion
Unrestricted file upload
2022-09-21 10:15:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.6%
Related for CVE-2022-2872