Vulnerability Details CVE-2022-38840
cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.017
EPSS Ranking 81.4%
CVSS Severity
CVSS v3 Score 7.5
References
- http://packetstormsecurity.com/files/171439/MAN-EAM-0003-3.2.4-XML-Injection.html
- https://drive.google.com/drive/folders/1UG5IcL8fFp9MV0vjd78_cx6iXKda5bpM?usp=sharing
- http://packetstormsecurity.com/files/171439/MAN-EAM-0003-3.2.4-XML-Injection.html
- https://drive.google.com/drive/folders/1UG5IcL8fFp9MV0vjd78_cx6iXKda5bpM?usp=sharing
Products affected by CVE-2022-38840
-
cpe:2.3:a:guralp:man-eam-0003:3.2.4