Vulnerabilities (CVE)

Filtered by vendor Changingtec Subscribe
Filtered by product Rava Certificate Validation System
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-39058 1 Changingtec 1 Rava Certificate Validation System 2024-11-21 N/A 7.5 HIGH
RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files.
CVE-2022-39057 1 Changingtec 1 Rava Certificate Validation System 2024-11-21 N/A 7.2 HIGH
RAVA certificate validation system has insufficient filtering for special parameter of the web page input field. A remote attacker with administrator privilege can exploit this vulnerability to perform arbitrary system command and disrupt service.
CVE-2022-39056 1 Changingtec 1 Rava Certificate Validation System 2024-11-21 N/A 9.8 CRITICAL
RAVA certificate validation system has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL command to access, modify and delete database.
CVE-2022-39055 1 Changingtec 1 Rava Certificate Validation System 2024-11-21 N/A 5.3 MEDIUM
RAVA certificate validation system has inadequate filtering for URL parameter. An unauthenticated remote attacker can perform SSRF attack to discover internal network topology base on query response.