Critical Unrestricted Upload Vulnerability in URVE Web Manager

Critical Unrestricted Upload Vulnerability in URVE Web Manager

CVE-2022-2418 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

A vulnerability was found in URVE Web Manager. It has been classified as critical. This affects an unknown part of the file kreator.html5/img_upload.php. The manipulation leads to unrestricted upload. Access to the local network is required for this attack. The exploit has been disclosed to the public and may be used.

Learn more about our Web App Pen Testing.