SeedDMS 6.0.17 and 5.1.24 are vulnerable to directory (path) traversal. The "Remove file" action in the "Log files management" menu does not sanitize the user-supplied file name, so an authenticated attacker with admin privileges can delete arbitrary files on the server, limited only by what the web server's user is permitted to remove. Exploitation requires an administrator account; the vendor fix is the SourceForge commit listed under References.
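The defect class above, shown as an added illustration that is not SeedDMS code and does not reproduce the vendor patch: a "remove log file" handler that joins the submitted name onto the log directory without a containment check, beside the hardened form that resolves the final path and refuses anything outside the log directory. The function names, the log directory layout and the `secret.txt` target are constructed for the demo; the pattern applies to any file-deletion endpoint, not only SeedDMS.

```python
"""Added example (not SeedDMS code): path traversal in a log-file
removal handler and the containment check that closes it.
remove_log_naive, remove_log_safe, demo and the file names used
inside demo are hypothetical."""
import os
import tempfile


def remove_log_naive(log_dir: str, name: str) -> str:
    """Vulnerable pattern: trust the submitted name and join it onto the
    log directory. A name containing '../' walks out of log_dir."""
    target = os.path.join(log_dir, name)
    os.remove(target)
    return target


def remove_log_safe(log_dir: str, name: str) -> str:
    """Hardened pattern: resolve symlinks and '..' in the final path, then
    require it to remain strictly inside the resolved log directory and
    to be a regular file before deleting."""
    base = os.path.realpath(log_dir)
    target = os.path.realpath(os.path.join(base, name))
    # commonpath rejects anything that escaped base, including via a
    # symlink planted inside the log directory; target == base blocks "."
    if os.path.commonpath([base, target]) != base or target == base:
        raise ValueError(f"refusing to delete outside log directory: {name!r}")
    if not os.path.isfile(target):
        raise FileNotFoundError(name)
    os.remove(target)
    return target


def demo() -> dict:
    """Constructed scenario: a temp tree with logs/app.log and a
    secret.txt one level above the log directory. Returns what each
    handler did with a traversal name and with a legitimate name."""
    root = tempfile.mkdtemp()
    log_dir = os.path.join(root, "logs")
    os.mkdir(log_dir)
    secret = os.path.join(root, "secret.txt")   # constructed target
    log = os.path.join(log_dir, "app.log")
    for path in (secret, log):
        with open(path, "w") as fh:
            fh.write("x")

    traversal = "../secret.txt"   # constructed malicious input
    results = {}

    # Hardened handler: traversal refused, the file outside logs/ survives
    try:
        remove_log_safe(log_dir, traversal)
        results["safe_blocked"] = False
    except ValueError:
        results["safe_blocked"] = True
    results["secret_after_safe"] = os.path.exists(secret)

    # Hardened handler still does its job for a name inside logs/
    remove_log_safe(log_dir, "app.log")
    results["log_removed"] = not os.path.exists(log)

    # Naive handler: the same traversal name deletes the file above logs/
    remove_log_naive(log_dir, traversal)
    results["secret_after_naive"] = os.path.exists(secret)
    return results


if __name__ == "__main__":
    print(demo())
```

`realpath()` before the check matters: comparing the raw joined string against the prefix is not enough, because `..` segments and symlinks are only collapsed on resolution, and a prefix comparison without a trailing separator would also accept a sibling directory such as `logs2/`. `os.path.commonpath` handles both.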
References
| Link | Resource |
|---|---|
| https://github.com/looCiprian/Responsible-Vulnerability-Disclosure/tree/main/CVE-2022-28478 | Exploit, Patch, Third Party Advisory |
| https://sourceforge.net/p/seeddms/code/ci/d68c922152e8a8060dd7fc3ebdd7af685e270e36/ | Patch, Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-06-06T22:17:28
Updated: 2022-06-06T22:17:28
Reserved: 2022-04-04T00:00:00
Link: CVE-2022-28478
NVD Information
Status : Analyzed
Published: 2022-06-06T23:15:08.167
Modified: 2022-06-14T16:15:19.083
Link: CVE-2022-28478
Redhat Information
No data.
CWE