iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal.
References
Link | Resource |
---|---|
https://gist.github.com/securylight/79f673aa3a453c80c0e78f356a8f650b | Third Party Advisory |
https://github.com/securylight/CVES_write_ups | Third Party Advisory |
https://github.com/securylight/CVES_write_ups/blob/main/iSpy_connect.pdf | Exploit |
https://gist.github.com/securylight/79f673aa3a453c80c0e78f356a8f650b | Third Party Advisory |
https://github.com/securylight/CVES_write_ups | Third Party Advisory |
https://github.com/securylight/CVES_write_ups/blob/main/iSpy_connect.pdf | Exploit |
Configurations
History
21 Nov 2024, 06:59
Type | Values Removed | Values Added |
---|---|---|
References | () https://gist.github.com/securylight/79f673aa3a453c80c0e78f356a8f650b - Third Party Advisory | |
References | () https://github.com/securylight/CVES_write_ups - Third Party Advisory | |
References | () https://github.com/securylight/CVES_write_ups/blob/main/iSpy_connect.pdf - Exploit |
Information
Published : 2022-06-21 14:15
Updated : 2024-11-21 06:59
NVD link : CVE-2022-29774
Mitre link : CVE-2022-29774
CVE.ORG link : CVE-2022-29774
JSON object : View
Products Affected
ispyconnect
- ispy
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')