Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.8
CVSSv3

CVE-2022-29623

Published: 16/05/2022 Updated: 24/05/2022
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Subscribe to Connect-multiparty Project

Vulnerability Summary

An arbitrary file upload vulnerability in the file upload module of Connect-Multiparty v2.2.0 allows malicious users to execute arbitrary code via a crafted PDF file.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

connect-multiparty project connect-multiparty 2.2.0

Github Repositories

https://github.com/RayRRT/Active-Directory-Certificate-Services-abuse

Although this is nothing new, these days I wanted to read and learn in depth how Active Directory Certificate Services works For this purpose, I configured the ADCS, the CA and the vulnerable templates in my lab, replicating each of the cases shown in the awesome SpecterOps ADCS whitepaper , in addition to other resources which I will refer to through this post First of all,

References

CWE-434https://www.youtube.com/watch?v=i3xJR-91rrMhttps://nvd.nist.govhttps://github.com/RayRRT/Active-Directory-Certificate-Services-abuse
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761command injectionCVE-2024-3676IDORCVE-2024-30039CVE-2024-32113CVE-2024-30049CVE-2024-4776SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook