Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2022-22836
HistoryJan 10, 2022 - 2:12 p.m.

CVE-2022-22836

2022-01-1014:12:57
CWE-22
mitre
web.nvd.nist.gov
131
coreftp server
directory traversal
http put
cve-2022-22836
nvd

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

6.4

Confidence

High

EPSS

0.006

Percentile

79.4%

JSON

CoreFTP Server before 727 allows directory traversal (for file creation) by an authenticated attacker via …/ in an HTTP PUT request.

Affected configurations

Nvd
Node
coreftpcore_ftpRange1.2
OR
coreftpcore_ftpMatch2.0build_639
OR
coreftpcore_ftpMatch2.0build_640
OR
coreftpcore_ftpMatch2.0build_641
OR
coreftpcore_ftpMatch2.0build_642
OR
coreftpcore_ftpMatch2.0build_645
OR
coreftpcore_ftpMatch2.0build_647
OR
coreftpcore_ftpMatch2.0build_649
OR
coreftpcore_ftpMatch2.0build_651
OR
coreftpcore_ftpMatch2.0build_653
OR
coreftpcore_ftpMatch2.0build_655
OR
coreftpcore_ftpMatch2.0build_656
OR
coreftpcore_ftpMatch2.0build_657
OR
coreftpcore_ftpMatch2.0build_658
OR
coreftpcore_ftpMatch2.0build_659
OR
coreftpcore_ftpMatch2.0build_665
OR
coreftpcore_ftpMatch2.0build_667
OR
coreftpcore_ftpMatch2.0build_668
OR
coreftpcore_ftpMatch2.0build_671
OR
coreftpcore_ftpMatch2.0build_673
OR
coreftpcore_ftpMatch2.0build_674
OR
coreftpcore_ftpMatch2.0build_676
OR
coreftpcore_ftpMatch2.0build_677
OR
coreftpcore_ftpMatch2.0build_679
OR
coreftpcore_ftpMatch2.0build_682
OR
coreftpcore_ftpMatch2.0build_687
OR
coreftpcore_ftpMatch2.0build_689
OR
coreftpcore_ftpMatch2.0build_691
OR
coreftpcore_ftpMatch2.0build_694
OR
coreftpcore_ftpMatch2.0build_695
OR
coreftpcore_ftpMatch2.0build_697
OR
coreftpcore_ftpMatch2.0build_699
OR
coreftpcore_ftpMatch2.0build_702
OR
coreftpcore_ftpMatch2.0build_704
OR
coreftpcore_ftpMatch2.0build_705
OR
coreftpcore_ftpMatch2.0build_711
OR
coreftpcore_ftpMatch2.0build_713
OR
coreftpcore_ftpMatch2.0build_715
OR
coreftpcore_ftpMatch2.0build_719
OR
coreftpcore_ftpMatch2.0build_725
VendorProductVersionCPE
coreftpcore_ftp*cpe:2.3:a:coreftp:core_ftp:*:*:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_639:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_640:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_641:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_642:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_645:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_647:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_649:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_651:*:*:*:*:*:*
coreftpcore_ftp2.0cpe:2.3:a:coreftp:core_ftp:2.0:build_653:*:*:*:*:*:*
Rows per page:
1-10 of 401

Related

nvd 1
prion 1
packetstorm 1
cvelist 1
zdt 1
exploitdb 1
nvd
nvd
CVE-2022-22836
2022-01-10 14:12:57
prion
prion
Directory traversal
2022-01-10 14:12:00
packetstorm
packetstorm
CoreFTP Server Build 725 Directory Traversal
2022-01-10 00:00:00
cvelist
cvelist
CVE-2022-22836
2022-01-08 22:30:11
zdt
zdt
CoreFTP Server build 725 - Directory Traversal (Authenticated) Vulnerability
2022-01-10 00:00:00
exploitdb
exploitdb
CoreFTP Server build 725 - Directory Traversal (Authenticated)
2022-01-10 00:00:00

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

AI Score

6.4

Confidence

High

EPSS

0.006

Percentile

79.4%

JSON
Related for CVE-2022-22836
nvd1prion1packetstorm1cvelist1zdt1exploitdb1