CVE-2022-25767

Summary

All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets.

Affected Software

VendorProductVersion RangeStatus
n/acom.bstek.ureport:ureport2-console0 < unspecifiedaffected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References