A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
References
Link | Resource |
---|---|
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1642 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: talos
Published: 2023-01-30T10:11:51.438Z
Updated:
Reserved: 2022-10-07T15:53:52.618Z
Link: CVE-2022-38451
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-01-30T11:15:09.407
Modified: 2023-02-06T21:53:03.713
Link: CVE-2022-38451
JSON object: View
Redhat Information
No data.
CWE