Unrestricted Upload of File with Dangerous Type in Microweber

🗓️ 12 Mar 2022 00:30:00Reported by GitHub Advisory DatabaseType

Unrestricted Upload of File in Microweber allows Remote Code Executio

Reporter	Title	Published	Views	Family All 10
OSV	CVE-2022-0921	11 Mar 202218:15	–	osv
OSV	Unrestricted Upload of File with Dangerous Type in Microweber	12 Mar 202200:00	–	osv
Prion	Design/Logic Flaw	11 Mar 202218:15	–	prion
CVE	CVE-2022-0921	11 Mar 202218:15	–	cve
Veracode	Remote Code Execution (RCE)	14 Mar 202210:28	–	veracode
Huntr	Abusing Backup/Restore feature to achieve Remote Code Execution	9 Mar 202218:14	–	huntr
CNVD	Microweber remote code execution vulnerability	15 Mar 202200:00	–	cnvd
RedhatCVE	CVE-2022-0921	5 Feb 202519:21	–	redhatcve
NVD	CVE-2022-0921	11 Mar 202218:15	–	nvd
Cvelist	CVE-2022-0921 Abusing Backup/Restore feature to achieve Remote Code Execution in microweber/microweber	11 Mar 202217:25	–	cvelist

Vulners

Node

microweber microweberRange<1.2.12

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-0921
github	www.github.com/microweber/microweber/commit/867bdda1b4660b0795ad7f87ab5abe9e44b2b318
huntr	www.huntr.dev/bounties/e368be37-1cb4-4292-8d48-07132725f622
github	www.github.com/advisories/GHSA-j878-43hm-8gr5

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

12 Mar 2022 00:00Current

3.9Low risk

Vulners AI Score3.9

CVSS26.5

CVSS36.7 - 7.2

EPSS0.00189

CWE-434