3 matches found
CVE-2022-24235
CVE-2022-24235 describes a Cross-Site Request Forgery in the management portal of Snapt Aria v12.8 that allows attackers to escalate privileges and execute arbitrary code via unspecified vectors. The available connected documents reiterate this vulnerability and its impact but do not provide conc...
CVE-2022-24237
CVE-2022-24237 affects Snapt Aria v12.8’s snaptPowered2 component. A command-injection vulnerability allows authenticated attackers to execute arbitrary commands. Documented impact is that this can lead to remote command execution with elevated risk (CVSSv3.1: 8.8, HIGH; network access, low privi...
CVE-2022-24236
CVE-2022-24236 : In Snapt Aria v12.8, an insecure permissions issue allows unauthenticated attackers to send emails from spoofed user accounts. The connected sources corroborate the vulnerability and its impact to email abuse, but do not provide concrete remediation details (patch versions/workar...