Vulnerability Details CVE-2022-31885
Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.287
EPSS Ranking 96.3%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- https://cyber-guy.gitbook.io/cyber-guy/pocs/marval-msm/os-command-injection
- https://drive.google.com/drive/folders/1Qa-6-LUzEnduSGfWLUjVLCyKr5wuEu5k?usp=sharing
- https://marvalglobal.com/
- https://cyber-guy.gitbook.io/cyber-guy/pocs/marval-msm/os-command-injection
- https://drive.google.com/drive/folders/1Qa-6-LUzEnduSGfWLUjVLCyKr5wuEu5k?usp=sharing
- https://marvalglobal.com/
Products affected by CVE-2022-31885
-
cpe:2.3:a:marvalglobal:marval_msm:14.19.0.12476