3 matches found
CVE-2022-31322
The CVE-2022-31322 entry affects Penta Security Systems’ WAPPLES, specifically version 6.0 r3 with 4.10-hotfix1. The vulnerability allows privilege escalation by overwriting files using SUID-enabled executables. Root cause and affected component: SUID flagged executables enabling local privilege ...
CVE-2022-31324
An arbitrary file download vulnerability in the downloadAction function of Penta Security Systems Inc WAPPLES v6.0 r3 4.10-hotfix1 allows attackers to download arbitrary files via a crafted POST request...
CVE-2022-35582
CVE-2022-35582 pertains to Penta Security WAPPLES (versions 4.0., 5.0.0. , 5.0.12.*) with an Incorrect Access Control flaw: the OS includes a built-in non-privileged user named ‘penta’ with a predefined password, whose existence and credentials are not documented. This enables potential unauthori...