CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-22336

Path traversal vulnerability in SS1 Ver.13.0.0.40 and earlier and Rakuraku PC Cloud Agent Ver.2.1.8 and earlier allows a remote attacker to upload a specially crafted file to an arbitrary directory. As a result of exploiting this vulnerability with CVE-2023-22335 and CVE-2023-22344 vulnerabilities together, it may allow a remote attacker to execute an arbitrary code with SYSTEM privileges by sending a specially crafted script to the affected device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.015

EPSS Ranking 80.4%

CVSS Severity

CVSS v3 Score 9.8

References

https://jvn.jp/en/jp/JVN57224029/
https://www.dos-osaka.co.jp/news/2023/03/230301.html
https://jvn.jp/en/jp/JVN57224029/
https://www.dos-osaka.co.jp/news/2023/03/230301.html

Products affected by CVE-2023-22336

Dos-Osaka » Rakuraku Pc Cloud Agent » Version: Any

cpe:2.3:a:dos-osaka:rakuraku_pc_cloud_agent:*
Dos-Osaka » Ss1 » Version: 13.0.0.40

cpe:2.3:a:dos-osaka:ss1:13.0.0.40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-22336

Products

Pricing

Contact Us