Lucene search

KrcertCVELIST:CVE-2022-23769

HistoryOct 17, 2022 - 12:00 a.m.

CVE-2022-23769 Secuever reverseWall-MDS Remote Code Execution Vulnerability

2022-10-1700:00:00

CWE-287

krcert

www.cve.org

cve-2022-23769

secuever

reversewall-mds

remote code execution

vulnerability

user privilege verification

stealing account

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.004

Percentile

74.8%

JSON

Remote code execution vulnerability due to insufficient user privilege verification in reverseWall-MDS. Remote attackers can exploit the vulnerability such as stealing account, through remote code execution.

CNA Affected

[
  {
    "vendor": "Secuever Co.,Ltd",
    "product": "reverseWall-MDS",
    "versions": [
      {
        "version": "unspecified",
        "lessThanOrEqual": "3.8 A007",
        "status": "affected",
        "versionType": "custom"
      }
    ],
    "platforms": [
      "Windows"
    ]
  }
]

References

www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66962

CVSS3

7.5

Attack Vector

ADJACENT

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

0.004

Percentile

74.8%

JSON

Related for CVELIST:CVE-2022-23769