Lucene search
PRIOn knowledge basePRION:CVE-2023-22335HistoryMar 06, 2023 - 12:15 a.m.
Improper access control
2023-03-0600:15:00
PRIOn knowledge base
www.prio-n.com
7
access control
vulnerability
ss1
rakuraku pc cloud agent
remote attacker
arbitrary file
exploiting vulnerability
cve-2023-22336
cve-2023-22344
arbitrary code
system privileges.
Improper access control vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to bypass access restriction and download an arbitrary file of the directory where the product runs. As a result of exploiting this vulnerability with CVE-2023-22336 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rakuraku_pc_cloud_agent | le | 2.1.8 | |
| ss1 | le | 13.0.0.40 |
Related
cvelist
cvelist
cve
cve
nvd
nvd
jvn
jvn
JVN#57224029: Multiple vulnerabilities in SS1 and Rakuraku PC Cloud
2023-03-01 00:00:00
prion
prion
Path traversal
2023-03-06 00:15:00
Hardcoded credentials
2023-03-06 00:15:00