National Cyber Warfare Foundation (NCWF) Forums


CVE-2022-42002


0 user ratings
2022-10-01 06:15:52
milo
CVEs
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete.

CVE-2022-42002
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42002
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete.
2022-10-01T00:15:10Z

Source: CVEAnnouncements
Source Link: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-42002


Comments
new comment
Nobody has commented yet. Will you be the first?
 
Forum
CVEs



© Copyright 2012 through 2022 - National Cyber War Foundation - All rights reserved worldwide.