CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-40319

The LISTSERV 17 web interface allows remote attackers to conduct Insecure Direct Object References (IDOR) attacks via a modified email address in a wa.exe URL. The impact is unauthorized modification of a victim's LISTSERV account.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.11

EPSS Ranking 93.2%

CVSS Severity

CVSS v3 Score 7.5

References

https://packetstormsecurity.com/2301-exploits/listserv17-idor.txt
https://peach.ease.lsoft.com/scripts/wa-PEACH.exe?A0=LSTSRV-L
https://packetstormsecurity.com/2301-exploits/listserv17-idor.txt
https://peach.ease.lsoft.com/scripts/wa-PEACH.exe?A0=LSTSRV-L

Products affected by CVE-2022-40319

Lsoft » Listserv » Version: 17.0

cpe:2.3:a:lsoft:listserv:17.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-40319

Products

Pricing

Contact Us