File Overwrite Vulnerability in SmarterTrack v100.0.8019.14010

File Overwrite Vulnerability in SmarterTrack v100.0.8019.14010

CVE-2022-24387 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010

Learn more about our Web Application Penetration Testing UK.