CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 76.3%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://www.vandyke.com/support/advisory/2022/02/remote-execution-via-triggers.html
https://www.vandyke.com/support/advisory/2022/02/remote-execution-via-triggers.html

Products affected by CVE-2022-28054

Vandyke » Vshell » Version: N/A

cpe:2.3:a:vandyke:vshell:-
Vandyke » Vshell » Version: 3.5.0.0

cpe:2.3:a:vandyke:vshell:3.5.0.0
Vandyke » Vshell » Version: 4.6.2

cpe:2.3:a:vandyke:vshell:4.6.2
Microsoft » Windows » Version: N/A

cpe:2.3:o:microsoft:windows:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28054

Products

Pricing

Contact Us