Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.9
CVSSv3

CVE-2022-45326

Published: 06/12/2022 Updated: 08/12/2022
CVSS v3 Base Score: 4.9 | Impact Score: 3.6 | Exploitability Score: 1.2
VMScore: 0

Vulnerability Summary

An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

kwoksys information server 2.9.5

kwoksys information server

References

CWE-611https://www.navsec.net/2022/11/12/kwoksys-xxe.htmlhttp://www.kwoksys.com/wiki/index.php?title=Release_Noteshttps://nvd.nist.gov
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2012-1823malicious code‎CVE-2024-5770CVE-2023-45866CVE-2024-35687local usersCVE-2024-31246CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook