Lucene search
HistoryDec 05, 2022 - 8:15 p.m.
CVE-2022-45771
pwndoc
privilege escalation
arbitrary code execution
crafted audit file
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
43.1%
An issue in the /api/audits component of Pwndoc v0.5.3 allows attackers to escalate privileges and execute arbitrary code via uploading a crafted audit file.
Affected configurations
Node
pwndoc_projectpwndocMatch0.5.3
Related
osv
osv
CVE-2022-45771
2022-12-05 20:15:11
githubexploit
githubexploit
Exploit for CVE-2022-45771
2022-12-13 10:03:14
cve
cve
CVE-2022-45771
2022-12-05 20:15:11
prion
prion
Design/Logic Flaw
2022-12-05 20:15:00
cvelist
cvelist
CVE-2022-45771
2022-12-05 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
43.1%
Related for NVD:CVE-2022-45771