Vulnerability Details CVE-2022-43436
The File Upload function of EasyTest has insufficient filtering for special characters and file type. A remote attacker authenticated as a general user can upload and execute arbitrary files, to manipulate system or disrupt service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.6%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2022-43436
-
cpe:2.3:a:easy_test_project:easy_test:22h29