CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-50925

Prowise Reflect version 1.0.9 contains a remote keystroke injection vulnerability that allows attackers to send keyboard events through an exposed WebSocket on port 8082. Attackers can craft malicious web pages to inject keystrokes, opening applications and typing arbitrary text by sending specific WebSocket messages.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 5.7%

CVSS Severity

CVSS v3 Score 9.8

References

https://www.exploit-db.com/exploits/50796
https://www.prowise.com/
https://www.vulncheck.com/advisories/prowise-reflect-remote-keystroke-injection
https://www.exploit-db.com/exploits/50796

Products affected by CVE-2022-50925

Prowise » Reflect » Version: 1.0.9

cpe:2.3:a:prowise:reflect:1.0.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-50925

Products

Pricing

Contact Us