CVE-2022-46306

ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers the component to load malicious DLL files under arbitrary file path and allows the attacker to perform arbitrary system operation and disrupt of service.

CVSS v3 8.8 HIGH

8.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.8 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.twcert.org.tw/tw/cp-132-6802-4341b-1.html	Third Party Advisory VDB Entry
https://www.twcert.org.tw/tw/cp-132-6802-4341b-1.html	Third Party Advisory VDB Entry

Configurations

Configuration 1 (hide)

cpe:2.3:a:changingtec:servisign:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:30

Type	Values Removed	Values Added
Summary		(es) El componente ChangingTec ServiSign tiene una vulnerabilidad de Path Traversal debido a un filtrado insuficiente de caracteres especiales en la ruta del archivo DLL. Un atacante remoto no autenticado puede alojar un sitio web malicioso al que puede acceder el usuario del componente, lo que hace que el componente cargue archivos DLL maliciosos en una ruta de archivo arbitraria y permite al atacante realizar operaciones arbitrarias del sistema e interrumpir el servicio.
CVSS	v2 : ~~unknown~~ v3 : ~~7.8~~	v2 : unknown v3 : 8.8
References	~~() https://www.twcert.org.tw/tw/cp-132-6802-4341b-1.html - Third Party Advisory, VDB Entry~~	() https://www.twcert.org.tw/tw/cp-132-6802-4341b-1.html - Third Party Advisory, VDB Entry

Information

Published : 2023-01-03 03:15

Updated : 2024-11-21 07:30

NVD link : CVE-2022-46306

Mitre link : CVE-2022-46306

CVE.ORG link : CVE-2022-46306

JSON object : View

Products Affected

changingtec

servisign

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

{"id": "CVE-2022-46306", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "twcert@cert.org.tw", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2023-01-03T03:15:10.637", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-6802-4341b-1.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "twcert@cert.org.tw"}, {"url": "https://www.twcert.org.tw/tw/cp-132-6802-4341b-1.html", "tags": ["Third Party Advisory", "VDB Entry"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "twcert@cert.org.tw", "description": [{"lang": "en", "value": "CWE-22"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-22"}]}], "descriptions": [{"lang": "en", "value": "ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers the component to load malicious DLL files under arbitrary file path and allows the attacker to perform arbitrary system operation and disrupt of service."}, {"lang": "es", "value": "El componente ChangingTec ServiSign tiene una vulnerabilidad de Path Traversal debido a un filtrado insuficiente de caracteres especiales en la ruta del archivo DLL. Un atacante remoto no autenticado puede alojar un sitio web malicioso al que puede acceder el usuario del componente, lo que hace que el componente cargue archivos DLL maliciosos en una ruta de archivo arbitraria y permite al atacante realizar operaciones arbitrarias del sistema e interrumpir el servicio."}], "lastModified": "2024-11-21T07:30:21.113", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:changingtec:servisign:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DB1F1012-3AFF-4D76-AEB6-BDEADFE1423F"}], "operator": "OR"}]}], "sourceIdentifier": "twcert@cert.org.tw"}