Lucene search
HistoryDec 05, 2022 - 4:15 a.m.
CVE-2022-41642
cve-2022-41642
command injection
nadesiko3
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.005
Percentile
77.8%
OS command injection vulnerability in Nadesiko3 (PC Version) v3.3.61 and earlier allows a remote attacker to execute an arbitrary OS command when processing compression and decompression on the product.
Affected configurations
Node
kujirahandnadesiko3Range≤3.3.68
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kujirahand | nadesiko3 | * | cpe:2.3:a:kujirahand:nadesiko3:*:*:*:*:*:*:*:* |
Related
prion
prion
Command injection
2022-12-05 04:15:00
github
github
Nadesiko3 OS Command Injection vulnerability
2022-12-05 06:30:22
osv
osv
Nadesiko3 OS Command Injection vulnerability
2022-12-05 06:30:22
veracode
veracode
OS Command Injection
2022-12-08 06:57:54
cvelist
cvelist
CVE-2022-41642
2022-12-05 00:00:00
cve
cve
CVE-2022-41642
2022-12-05 04:15:09
jvn
jvn
JVN#56968681: Multiple vulnerabilities in nadesiko3
2022-10-20 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
0.005
Percentile
77.8%
Related for NVD:CVE-2022-41642