Vulnerability Details CVE-2022-30549
Out-of-bounds read vulnerability exists in V-Server v4.0.11.0 and earlier and V-Server Lite v4.0.13.0 and earlier, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- https://jvn.jp/en/vu/JVNVU93134398/index.html
- https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php
- https://monitouch.fujielectric.com/site/download-eu/03tellus_inf/index.php
- https://jvn.jp/en/vu/JVNVU93134398/index.html
- https://monitouch.fujielectric.com/site/download-e/09vsft6_inf/Search.php
- https://monitouch.fujielectric.com/site/download-eu/03tellus_inf/index.php
Products affected by CVE-2022-30549
-
cpe:2.3:a:fujielectric:v-server:3.3.24.0
-
cpe:2.3:a:fujielectric:v-server:4.0.10.0
-
cpe:2.3:a:fujielectric:v-server:4.0.11.0
-
cpe:2.3:a:fujielectric:v-server:4.0.12.0
-
cpe:2.3:a:fujielectric:v-server:4.0.13.0
-
cpe:2.3:a:fujielectric:v-server:4.0.3.0
-
cpe:2.3:a:fujielectric:v-server:4.0.9.0