Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

OSV
OSVadded 2022/02/06 9:15 p.m.0 views

CVE-2022-24551

A flaw was found in StarWind Stack. The endpoint for setting a new password doesn’t check the current username and old password. An attacker could reset any local user password including system/administrator user using any available user This affects StarWind SAN and NAS v0.2 build 1633...

8.8CVSS7.3AI score0.00399EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2022/02/06 9:15 p.m.3 views

CVE-2022-24552

A flaw was found in the REST API in StarWind Stack. REST command, which manipulates a virtual disk, doesn’t check input parameters. Some of them go directly to bash as part of a script. An attacker with non-root user access can inject arbitrary data into the command that will be executed with roo...

10CVSS7.3AI score0.00805EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2022/02/06 12:0 a.m.2 views

PT-2022-16715 · Starwind · Starwind Stack +1

Name of the Vulnerable Software and Affected Versions: StarWind SAN and NAS version 0.2 build 1633 Description: A flaw was found in the REST API in StarWind Stack, where the REST command that manipulates a virtual disk does not check input parameters. Some of these parameters are directly execute...

10CVSS9.4AI score0.00805EPSS
Exploits0References4
Rows per page
Query Builder