CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2023/01/18 12:41 a.m.•45 views

CVE-2022-45444

Sewio RTLS Studio

10CVSS9.4AI score0.00944EPSS

Cvelist•added 2023/01/18 12:41 a.m.•15 views

CVE-2022-45444 CVE-2022-45444

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 contains hard-coded passwords for select users in the application’s database. This could allow a remote attacker to login to the database with unrestricted access...

10CVSS9.5AI score0.00944EPSS

CVE•added 2023/01/18 12:39 a.m.•35 views

CVE-2022-45127

CVE-2022-45127 affects Sewio’s RTLS Studio, version 2.0.0 through 2.6.2. The vulnerability is a cross-site request forgery (CSRF) in the backup services, enabling an attacker to trigger arbitrary backup operations and cause a denial-of-service condition. The issue is documented across multiple so...

8.1CVSS8.2AI score0.00325EPSS

Vulnrichment•added 2023/01/18 12:39 a.m.•5 views

CVE-2022-45127 CVE-2022-45127

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to cross-site request forgery in its backup services. An attacker could take advantage of this vulnerability to execute arbitrary backup operations and cause a denial-of-service condition...

8.1CVSS7.3AI score0.00325EPSS

Cvelist•added 2023/01/18 12:39 a.m.•22 views

CVE-2022-45127 CVE-2022-45127

8.1CVSS8.4AI score0.00325EPSS

CVE•added 2023/01/18 12:37 a.m.•39 views

CVE-2022-43483

Sewio RTLS Studio 2.0.0–2.6.2 is vulnerable due to improper input validation of the module name in monitor services, enabling OS command execution. CVE-2022-43483 (OS command injection) is among several vulnerabilities in the same family affecting RTLS Studio 2.0.0–2.6.2, including CVEs 47911, 45...

9.1CVSS7.8AI score0.01236EPSS

Vulnrichment•added 2023/01/18 12:37 a.m.•7 views

CVE-2022-43483 CVE-2022-43483

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not properly validate the input module name to the monitor services of the software. This could allow a remote attacker to access sensitive functions of the application and execute arbitrary system...

9.1CVSS7.7AI score0.01236EPSS

Cvelist•added 2023/01/18 12:37 a.m.•14 views

CVE-2022-43483 CVE-2022-43483

9.1CVSS9.5AI score0.01236EPSS

CVE•added 2023/01/18 12:32 a.m.•44 views

CVE-2022-43455

Sewio RTLS Studio versions 2.0.0–2.6.2 are affected by improper input validation in the service_start, service_stop, and service_restart modules, enabling an attacker to start, stop, or restart arbitrary services on the server. Affected products: RTLS Studio; root cause: input validation flaw in ...

6.5CVSS6.3AI score0.00587EPSS

Cvelist•added 2023/01/18 12:32 a.m.•10 views

CVE-2022-43455 CVE-2022-43455

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to the servicestart, servicestop, and servicerestart modules of the software. This could allow an attacker to start, stop, or restart arbitrary...

5.5CVSS6.7AI score0.00587EPSS

CVE•added 2023/01/18 12:30 a.m.•42 views

CVE-2022-41989

Sewio RTLS Studio (Sewio RTLS Studio) versions 2.0.0 through 2.6.2 are affected by an out-of-bounds write vulnerability caused by lack of validation of the length of RTLS report payloads during communication. This could allow an attacker to send an excessively long payload, leading to denial-of-s...

9.8CVSS9.4AI score0.00769EPSS

Vulnrichment•added 2023/01/18 12:30 a.m.•3 views

CVE-2022-41989 CVE-2022-41989

Sewio’s Real-Time Location System RTLS Studio version 2.0.0 up to and including version 2.6.2 does not validate the length of RTLS report payloads during communication. This allows an attacker to send an exceedingly long payload, resulting in an out-of-bounds write to cause a denial-of-service...

9CVSS7.4AI score0.00769EPSS

Cvelist•added 2023/01/18 12:30 a.m.•22 views

CVE-2022-41989 CVE-2022-41989

9CVSS9.7AI score0.00769EPSS

CNNVD•added 2023/01/18 12:0 a.m.•2 views

Sewio Real-Time Location System (RTLS) Studio 缓冲区错误漏洞

Sewio Real-Time Location System RTLS Studio is a real-time location system from Sewio, Inc. A buffer error vulnerability exists in Sewio Real-Time Location System RTLS Studio versions 2.0.0 through 2.6.2, which stems from not validating the length of the RTLS report payload during communication...

9.8CVSS8.9AI score0.00769EPSS

CNNVD•added 2023/01/18 12:0 a.m.•5 views

Sewio Real-Time Location System (RTLS) Studio 信任管理问题漏洞

Sewio Real-Time Location System RTLS Studio is a real-time location system from Sewio, Inc. A security vulnerability exists in Sewio Real-Time Location System RTLS Studio versions 2.0.0 through 2.6.2, which originates from hard-coded passwords containing selected users in the application database...

10CVSS8.7AI score0.00944EPSS

CNNVD•added 2023/01/18 12:0 a.m.•2 views

Sewio Real-Time Location System (RTLS) Studio 跨站请求伪造漏洞

Sewio Real-Time Location System RTLS Studio is a real-time location system from Sewio, Inc. A cross-site request forgery vulnerability exists in Sewio's Real-Time Location System RTLS Studio versions 2.0.0 through 2.6.2, which stems from vulnerability to cross-site request forgery in the monitori...

8.1CVSS7.7AI score0.00325EPSS

CNNVD•added 2023/01/18 12:0 a.m.•2 views

Sewio Real-Time Location System (RTLS) Studio 输入验证错误漏洞

Sewio Real-Time Location System RTLS Studio is a real-time location system from Sewio, Inc. An input validation error vulnerability exists in Sewio Real-Time Location System RTLS Studio versions 2.0.0 through 2.6.2, which stems from susceptibility to incorrect input validation of user input to...

6.8CVSS6.6AI score0.00683EPSS