CVE-2022-39838

2022-09-0515:39:50

mitre

www.cve.org

systematic fix adapter

remote file inclusion

absolute path traversal

unc share pathname

local pathnames

AI Score

8.5

Confidence

High

EPSS

0.005

Percentile

77.7%

JSON

Systematic FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames.

References

systematicalpha.com/company

systematicalpha.com/trading-programs/systematic-alpha-fx-master-fund

github.com/jet-pentest/CVE-2022-39838