Vector Strings

Severity Score: 7.5
Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6

Access Vector (AV):
Access Complexity (AC):
Authentication (AU): NONE
Confidentiality (C): HIGH
Integrity (I): NONE
Availability (A): NONE

Published Date: 2022-08-02
Last Modified: 2022-08-08

CVE-2022-34924

About:
Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an arbitrary file read vulnerability via the component /sys/ui/extend/varkind/custom.jsp.

References

https://developpaper.com/lanling-oa-foreground-arbitrary-file-reading-vulnerability-exploitation/
https://codeantenna.com/a/DXQfemaZEH

Related CVEs

No related CVEs.

Empower Your Security Strategy with Rainforest

Discover vulnerabilities early, prioritize critical threats, and protect what truly matters. Rainforest streamlines your security operations, saving you time and reducing costs, so you can focus on what drives your business forward.

Book a Demo