CVE-2022-36537
ZK Framework AuUploader Unspecified Vulnerability
CVSS
—
Sin CVSS
EPSS
95.3%
p100
KEV
SÍ
27 feb 2023
Exploit Today
80
0-100
Publicado: — · Última mod.: —
Producto
ZK Framework / AuUploader
Vulnerabilidad
ZK Framework AuUploader Unspecified Vulnerability
Añadido a KEV
27 feb 2023
Remediar antes de
20 mar 2023
Uso conocido en ransomware
Sí
Descripción resumida
ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.
Acción requerida
Apply updates per vendor instructions.
Notas
https://tracker.zkoss.org/browse/ZK-5150; https://nvd.nist.gov/vuln/detail/CVE-2022-36537
Sin CVEs relacionados por CWE o producto.