CVE-2022-3525
9
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| librenms | librenms/librenms | unspecified < 22.10.0 | affected |
Weaknesses
- CWE-502: CWE-502 Deserialization of Untrusted Data
ADP Enrichment
CVE Program Container
Additional References
- https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
- https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
References
- https://huntr.dev/bounties/ed048e8d-87af-440a-a91f-be1e65a40330
- https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.