Lucene search
K

5 matches found

redhatcve
redhatcve
added 2025/02/05 8:15 p.m.18 views

CVE-2022-4428

supporturi parameter in the WARP client local settings file mdm.xml lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a...

8.9CVSS7AI score0.00695EPSS
Exploits0References1
nvd
nvd
added 2023/01/11 5:15 p.m.29 views

CVE-2022-4428

supporturi parameter in the WARP client local settings file mdm.xml lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a...

8.9CVSS8.8AI score0.00695EPSS
Exploits0References1
cve
cve
added 2023/01/11 4:49 p.m.53 views

CVE-2022-4428

Cloudflare WARP client (Windows) is affected by CVE-2022-4428 due to unvalidated support_uri in the local settings file (mdm.xml). A crafted XML config or a manipulated path could be used to escalate privileges and trigger execution of an arbitrary local executable when the user interacts with th...

8.9CVSS8AI score0.00695EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/01/11 4:49 p.m.8 views

CVE-2022-4428 support_uri validation missing in WARP client for Windows

supporturi parameter in the WARP client local settings file mdm.xml lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a...

8.9CVSS7AI score0.00695EPSS
Exploits0References1
cvelist
cvelist
added 2023/01/11 4:49 p.m.32 views

CVE-2022-4428 support_uri validation missing in WARP client for Windows

supporturi parameter in the WARP client local settings file mdm.xml lacked proper validation which allowed for privilege escalation and launching an arbitrary executable on the local machine upon clicking on the "Send feedback" option. An attacker with access to the local file system could use a...

8.9CVSS8.9AI score0.00695EPSS
Exploits0References1
Rows per page
Query Builder