CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-28863

An issue was discovered in Nokia NetAct 22. A remote user, authenticated to the website, can visit the Site Configuration Tool section and arbitrarily upload potentially dangerous files without restrictions via the /netact/sct dir parameter in conjunction with the operation=upload value.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 45.9%

CVSS Severity

CVSS v3 Score 8.8

References

https://www.gruppotim.it/it/footer/red-team.html
https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html
https://www.gruppotim.it/it/footer/red-team.html
https://www.telecomitalia.com/tit/it/innovazione/cybersecurity/red-team.html

Products affected by CVE-2022-28863

Nokia » Netact » Version: 22.0.0.62

cpe:2.3:a:nokia:netact:22.0.0.62

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28863

Products

Pricing

Contact Us