Lucene search
HistoryApr 16, 2023 - 2:15 a.m.
CVE-2022-38840
cve-2022-38840
güralp man-eam-0003
xxe
xml
file upload
local file disclosure
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.125 Low
EPSS
Percentile
95.5%
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.
Affected configurations
Node
guralpman-eam-0003Match3.2.4
| CPE | Name | Operator | Version |
|---|---|---|---|
| guralp:man-eam-0003 | guralp man-eam-0003 | eq | 3.2.4 |
Related
nvd
nvd
CVE-2022-38840
2023-04-16 02:15:08
prion
prion
Xxe
2023-04-16 02:15:00
cvelist
cvelist
CVE-2022-38840
2023-04-16 00:00:00
zdt
zdt
MAN-EAM-0003 V3.2.4 - XML External Entity (XXE) Vulnerability
2023-03-23 00:00:00
packetstorm
packetstorm
MAN-EAM-0003 3.2.4 XML Injection
2023-03-24 00:00:00
exploitdb
exploitdb
MAN-EAM-0003 V3.2.4 - XXE
2023-03-23 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
0.125 Low
EPSS
Percentile
95.5%
Related for CVE-2022-38840