Servisign Security Vulnerabilities and Issues — Servisign CVE List

Lucene search

ChangingtecServisign

3 matches found

CVE•added 2020/02/03 11:15 a.m.•39 views

CVE-2020-3927

An arbitrary-file-access vulnerability exists in ServiSign security plugin, as long as the attackers learn the specific API function, they may access arbitrary files on target system via crafted API parameter.

8.5CVSS7.8AI score0.00411EPSS

CVE•added 2023/01/03 3:15 a.m.•37 views

CVE-2022-46306

ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers the component to load malicious DLL files un...

8.8CVSS7.9AI score0.00951EPSS

CVE•added 2023/01/03 3:15 a.m.•31 views

CVE-2022-46304

ChangingTec ServiSign component has insufficient filtering for special characters in the connection response parameter. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers command injection and allows the attacker to execute arbitrary sys...

8.8CVSS9.2AI score0.00407EPSS