Vulnerability Details CVE-2022-39022
U-Office Force Download function has a path traversal vulnerability. A remote attacker with general user privilege can exploit this vulnerability to download arbitrary system file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 24.8%
CVSS Severity
CVSS v3 Score 6.5
References
Products affected by CVE-2022-39022
-
cpe:2.3:a:edetw:u-office_force:-
-
cpe:2.3:a:edetw:u-office_force:20.0.7668d
-
cpe:2.3:a:edetw:u-office_force:20.50.7821d