HotelDruid v3.0.3 was discovered to contain a remote code execution (RCE) vulnerability which is exploited via an attacker inserting a crafted payload into the name field under the Create New Room module.
References
Link | Resource |
---|---|
https://github.com/0z09e/CVE-2022-22909 | Exploit Third Party Advisory |
https://www.hoteldruid.com | Product Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-03-02T23:49:47
Updated: 2022-03-02T23:49:47
Reserved: 2022-01-10T00:00:00
Link: CVE-2022-22909
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-03-03T00:15:08.397
Modified: 2022-03-09T19:28:03.580
Link: CVE-2022-22909
JSON object: View
Redhat Information
No data.
CWE