iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal.
References
Link | Resource |
---|---|
https://gist.github.com/securylight/79f673aa3a453c80c0e78f356a8f650b | Third Party Advisory |
https://github.com/securylight/CVES_write_ups | Third Party Advisory |
https://github.com/securylight/CVES_write_ups/blob/main/iSpy_connect.pdf | Exploit |
Configurations
History
No history.
Information
Published : 2022-06-21 14:15
Updated : 2024-02-28 19:09
NVD link : CVE-2022-29774
Mitre link : CVE-2022-29774
CVE.ORG link : CVE-2022-29774
JSON object : View
Products Affected
ispyconnect
- ispy
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')