CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-35223

EasyUse MailHunter Ultimate’s cookie deserialization function has an inadequate validation vulnerability. Deserializing a cookie containing malicious payload will trigger this insecure deserialization vulnerability, allowing an unauthenticated remote attacker to execute arbitrary code, manipulate system command or interrupt service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.018

EPSS Ranking 82.2%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.chtsecurity.com/news/a381467e-74ff-4a8c-a4d3-fc86720f5400
https://www.twcert.org.tw/tw/cp-132-6365-b056c-1.html
https://www.chtsecurity.com/news/a381467e-74ff-4a8c-a4d3-fc86720f5400
https://www.twcert.org.tw/tw/cp-132-6365-b056c-1.html

Products affected by CVE-2022-35223

Easyuse » Mailhunter Ultimate » Version: N/A

cpe:2.3:a:easyuse:mailhunter_ultimate:-
Easyuse » Mailhunter Ultimate » Version: 2020

cpe:2.3:a:easyuse:mailhunter_ultimate:2020

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35223

Products

Pricing

Contact Us