Rava Certificate Validation System Security Vulnerabilities and Issues — Rava Certificate Validation System CVE List

Lucene search

ChangingtecRava Certificate Validation System

4 matches found

CVE•added 2022/10/18 6:15 a.m.•44 views

CVE-2022-39056

RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database.

9.8CVSS10AI score0.00339EPSS

CVE•added 2022/10/18 6:15 a.m.•40 views

CVE-2022-39057

RAVA certificate validation system has insufficient filtering for special parameter of the web page input field. A remote attacker with administrator privilege can exploit this vulnerability to perform arbitrary system command and disrupt service.

7.2CVSS7.2AI score0.00324EPSS

CVE•added 2022/10/18 6:15 a.m.•38 views

CVE-2022-39058

RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files.

7.5CVSS7.8AI score0.00037EPSS

CVE•added 2022/10/18 6:15 a.m.•34 views

CVE-2022-39055

RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.

5.3CVSS5.4AI score0.00086EPSS