3 matches found
Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation
Dynamicweb contains a vulnerability which allows an unauthenticated attacker to create a new administrative user. id: CVE-2022-25369 info: name: Dynamicweb 9.5.0 - 9.12.7 Unauthenticated Admin User Creation author: pdteam severity: critical description: Dynamicweb contains a vulnerability which...
CVE-2022-25369
CVE-2022-25369 (Dynamicweb) affects Dynamicweb versions before 9.12.8, where an unauthenticated attacker can create a new administrator account due to a logic flaw in setup phase checks. After becoming the newly created admin, the attacker can upload an executable and achieve command execution (r...
CVE-2022-25369
creationtimestamp| type| source ---|---|--- 2022-02-25 11:05:15+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/5488 2025-06-04 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-06-04 2025-06-06 00:00:00+00:00| exploited| The...