CVE-2022-32175
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.8%
In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rules.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| adguard:adguardhome | adguard adguardhome | lt | 0.108 |
CNA Affected
[
{
"vendor": "AdguardHome",
"product": "AdguardHome",
"versions": [
{
"version": "v0.99.0",
"status": "affected",
"lessThan": "unspecified",
"versionType": "custom"
},
{
"version": "unspecified",
"lessThanOrEqual": "v0.108.0-b.9",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
5.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.8%