Vulnerability Details CVE-2022-29774
iSpy v7.2.2.0 is vulnerable to remote command execution via path traversal.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.32
EPSS Ranking 96.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://gist.github.com/securylight/79f673aa3a453c80c0e78f356a8f650b
- https://github.com/securylight/CVES_write_ups
- https://github.com/securylight/CVES_write_ups/blob/main/iSpy_connect.pdf
- https://gist.github.com/securylight/79f673aa3a453c80c0e78f356a8f650b
- https://github.com/securylight/CVES_write_ups
- https://github.com/securylight/CVES_write_ups/blob/main/iSpy_connect.pdf
Products affected by CVE-2022-29774
-
cpe:2.3:a:ispyconnect:ispy:7.2.2.0