Lucene search
@huntrdevCVE-2022-2872HistorySep 21, 2022 - 10:15 a.m.
CVE-2022-2872
2022-09-2110:15:09
CWE-434
@huntrdev
web.nvd.nist.gov
51
6
cve-2022-2872
unrestricted upload
file upload
github
octoprint
nvd
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
21.4%
Unrestricted Upload of File with Dangerous Type in GitHub repository octoprint/octoprint prior to 1.8.3.
Affected configurations
Node
octoprintoctoprintRange<1.8.3
CNA Affected
[
{
"product": "octoprint/octoprint",
"vendor": "octoprint",
"versions": [
{
"lessThan": "1.8.3",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
veracode
veracode
Arbitrary File Upload
2022-09-26 07:39:13
cvelist
cvelist
huntr
huntr
Unrestricted File Upload Allowed due to Flawed Move File Functionality
2022-08-15 20:09:29
github
github
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type
2022-09-22 00:00:32
nvd
nvd
CVE-2022-2872
2022-09-21 10:15:09
osv
osv
CVE-2022-2872
2022-09-21 10:15:09
PYSEC-2022-286
2022-09-21 10:15:00
OctoPrint vulnerable to Unrestricted Upload of File with Dangerous Type
2022-09-22 00:00:32
prion
prion
Unrestricted file upload
2022-09-21 10:15:00
CVSS3
5.4
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
21.4%
Related for CVE-2022-2872