CVE-2022-0074

Summary

Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1.

Affected Software

VendorProductVersion RangeStatus
LiteSpeed TechnologiesOpenLiteSpeed Web Server1.6.15 < 1.7.16.1affected
LiteSpeed TechnologiesLiteSpeed Web Server1.6.15 < 1.7.16.1affected

Weaknesses

  • CWE-426: CWE-426 Untrusted Search Path

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References