CWE-749
AllowedExposed Dangerous Method or Function
Abstraction: Base · Status: Incomplete
The product provides an Applications Programming Interface (API) or similar interface for interaction with external actors, but the interface includes a dangerous method or function that is not properly restricted.
304 vulnerabilities reference this CWE, most recent first.
CVE-2023-27363 (GCVE-0-2023-27363)
Vulnerability from cvelistv5 – Published: 2024-05-03 01:56 – Updated: 2024-08-02 12:09- CWE-749 - Exposed Dangerous Method or Function
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://www.foxit.com/support/security-bulletins.html | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Foxit | PDF Reader |
Affected:
12.1.0.15250
|
|
| foxit | phantompdf |
Affected:
0 , < 10.1.11.37866
(custom)
cpe:2.3:a:foxit:phantompdf:*:*:*:*:*:*:*:* |
|
| foxit | pdf_editor |
Affected:
11.0.0 , ≤ 11.2.5.53785
(custom)
cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:* |
|
| foxit | pdf_editor |
Affected:
0 , ≤ 10.1.11.37866
(custom)
cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:* |
|
| foxit | phantompdf |
Affected:
0 , ≤ 10.1.11.37866
(custom)
cpe:2.3:a:foxit:phantompdf:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxit:phantompdf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "phantompdf",
"vendor": "foxit",
"versions": [
{
"lessThan": "10.1.11.37866",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf_editor",
"vendor": "foxit",
"versions": [
{
"lessThanOrEqual": "11.2.5.53785",
"status": "affected",
"version": "11.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "pdf_editor",
"vendor": "foxit",
"versions": [
{
"lessThanOrEqual": "10.1.11.37866",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:foxit:phantompdf:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "phantompdf",
"vendor": "foxit",
"versions": [
{
"lessThanOrEqual": "10.1.11.37866",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-27363",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-01T20:58:42.481767Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-01T21:41:13.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T12:09:43.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ZDI-23-491",
"tags": [
"x_research-advisory",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-491/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "PDF Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "12.1.0.15250"
}
]
}
],
"dateAssigned": "2023-02-28T18:05:54.109Z",
"datePublic": "2023-05-01T21:29:14.501Z",
"descriptions": [
{
"lang": "en",
"value": "Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the exportXFAData method. The application exposes a JavaScript interface that allows writing arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19697."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-05-03T01:56:14.432Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-23-491",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-23-491/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://www.foxit.com/support/security-bulletins.html"
}
],
"source": {
"lang": "en",
"value": "Andrea Micalizzi aka rgod"
},
"title": "Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2023-27363",
"datePublished": "2024-05-03T01:56:14.432Z",
"dateReserved": "2023-02-28T17:58:45.484Z",
"dateUpdated": "2024-08-02T12:09:43.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-26478 (GCVE-0-2023-26478)
Vulnerability from cvelistv5 – Published: 2023-03-02 17:46 – Updated: 2025-03-05 20:49- CWE-749 - Exposed Dangerous Method or Function
| URL | Tags |
|---|---|
| https://github.com/xwiki/xwiki-platform/security/… | x_refsource_CONFIRM |
| https://github.com/xwiki/xwiki-platform/commit/3c… | x_refsource_MISC |
| https://jira.xwiki.org/browse/XWIKI-20180 | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| xwiki | xwiki-platform |
Affected:
>= 14.3-rc-1, < 14.4.6
Affected: >= 14.5, < 14.9-rc-1 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T11:53:53.814Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8692-g6g9-gm5p",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8692-g6g9-gm5p"
},
{
"name": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d"
},
{
"name": "https://jira.xwiki.org/browse/XWIKI-20180",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jira.xwiki.org/browse/XWIKI-20180"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-26478",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T20:48:58.284479Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-05T20:49:02.330Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "xwiki-platform",
"vendor": "xwiki",
"versions": [
{
"status": "affected",
"version": "\u003e= 14.3-rc-1, \u003c 14.4.6"
},
{
"status": "affected",
"version": "\u003e= 14.5, \u003c 14.9-rc-1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "XWiki Platform is a generic wiki platform. Starting in version 14.3-rc-1, `org.xwiki.store.script.TemporaryAttachmentsScriptService#uploadTemporaryAttachment` returns an instance of `com.xpn.xwiki.doc.XWikiAttachment`. This class is not supported to be exposed to users without the `programing` right.\n`com.xpn.xwiki.api.Attachment` should be used instead and takes case of checking the user\u0027s rights before performing dangerous operations. This has been patched in versions 14.9-rc-1 and 14.4.6. There are no known workarounds for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-02T17:46:15.394Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8692-g6g9-gm5p",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8692-g6g9-gm5p"
},
{
"name": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/xwiki/xwiki-platform/commit/3c73c59e39b6436b1074d8834cf276916010014d"
},
{
"name": "https://jira.xwiki.org/browse/XWIKI-20180",
"tags": [
"x_refsource_MISC"
],
"url": "https://jira.xwiki.org/browse/XWIKI-20180"
}
],
"source": {
"advisory": "GHSA-8692-g6g9-gm5p",
"discovery": "UNKNOWN"
},
"title": "org.xwiki.platform:xwiki-platform-store-filesystem-oldcore has Exposed Dangerous Method or Function"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2023-26478",
"datePublished": "2023-03-02T17:46:15.394Z",
"dateReserved": "2023-02-23T23:22:58.573Z",
"dateUpdated": "2025-03-05T20:49:02.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5389 (GCVE-0-2023-5389)
Vulnerability from cvelistv5 – Published: 2024-01-30 20:00 – Updated: 2025-06-17 21:29| Vendor | Product | Version | |
|---|---|---|---|
| Honeywell | ControlEdge UOC |
Affected:
520.2 , ≤ 520.2 TCU4
(semver)
Affected: 510.1 , ≤ 510.2 HF13 (semver) Affected: 520.1 , ≤ 520.1 TCU4 (semver) Affected: 511.1 , ≤ 511.5 TCU4 HF3 (semver) |
|
| Honeywell | ControlEdge UOC |
Affected:
520.2 , ≤ 520.2 TCU4
(semver)
Affected: 511.1 , ≤ 511.5 TCU4 HF3 (semver) Affected: 520.1 , ≤ 520.1 TCU4 (semver) |
|
| Honeywell | ControlEdge UOC |
Affected:
520.2 , ≤ 520.2 TCU4
(semver)
Affected: 520.1 , ≤ 520.1 TCU4 (semver) Affected: 520.2 TCU4 HFR2 , ≤ 511.5 TCU4 HF3 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://process.honeywell.com"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.honeywell.com/us/en/product-security"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-01-31T15:30:52.882701Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T21:29:17.826Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Experion PKS"
],
"product": "ControlEdge UOC",
"vendor": "Honeywell",
"versions": [
{
"lessThanOrEqual": "520.2 TCU4",
"status": "affected",
"version": "520.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "510.2 HF13",
"status": "affected",
"version": "510.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "520.1 TCU4",
"status": "affected",
"version": "520.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "511.5 TCU4 HF3",
"status": "affected",
"version": "511.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Experion LX"
],
"product": "ControlEdge UOC",
"vendor": "Honeywell",
"versions": [
{
"lessThanOrEqual": "520.2 TCU4",
"status": "affected",
"version": "520.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "511.5 TCU4 HF3",
"status": "affected",
"version": "511.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "520.1 TCU4",
"status": "affected",
"version": "520.1",
"versionType": "semver"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"PlantCruise by Experion"
],
"product": "ControlEdge UOC",
"vendor": "Honeywell",
"versions": [
{
"lessThanOrEqual": "520.2 TCU4",
"status": "affected",
"version": "520.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "520.1 TCU4",
"status": "affected",
"version": "520.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "511.5 TCU4 HF3",
"status": "affected",
"version": "520.2 TCU4 HFR2",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nAn attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files that could result in subsequent execution of a malicious application if triggered. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.\u0026nbsp;"
}
],
"value": "\nAn attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC . This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files that could result in subsequent execution of a malicious application if triggered. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.\u00a0"
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-25T16:54:14.096Z",
"orgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"shortName": "Honeywell"
},
"references": [
{
"url": "https://process.honeywell.com"
},
{
"url": "https://www.honeywell.com/us/en/product-security"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0dc86260-d7e3-4e81-ba06-3508e030ce8d",
"assignerShortName": "Honeywell",
"cveId": "CVE-2023-5389",
"datePublished": "2024-01-30T20:00:50.382Z",
"dateReserved": "2023-10-04T17:49:59.920Z",
"dateUpdated": "2025-06-17T21:29:17.826Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3656 (GCVE-0-2023-3656)
Vulnerability from cvelistv5 – Published: 2023-10-03 07:39 – Updated: 2024-08-02 07:01| Vendor | Product | Version | |
|---|---|---|---|
| PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH | cashIT! - serving solutions. |
Affected:
0 , ≤ 03.A06rks
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.286Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cashit.at/"
},
{
"tags": [
"x_transferred"
],
"url": "https://doi.org/10.35011/ww2q-d522"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cashIT! - serving solutions.",
"vendor": "PoS/ Dienstleistung, Entwicklung \u0026 Vertrieb GmbH",
"versions": [
{
"lessThanOrEqual": "03.A06rks",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Michael Roland"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tobias H\u00f6ller"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Daniel Hofer"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Daniel Pekarek"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Michael Preisach"
}
],
"datePublic": "2023-10-03T07:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "cashIT! - serving solutions. Devices from \"PoS/ Dienstleistung, Entwicklung \u0026amp; Vertrieb GmbH\" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network."
}
],
"value": "cashIT! - serving solutions. Devices from \"PoS/ Dienstleistung, Entwicklung \u0026 Vertrieb GmbH\" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network."
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749 Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-02T09:03:48.291Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://www.cashit.at/"
},
{
"url": "https://doi.org/10.35011/ww2q-d522"
}
],
"source": {
"discovery": "USER"
},
"title": "Unauthenticated Remote Code Execution",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2023-3656",
"datePublished": "2023-10-03T07:39:53.661Z",
"dateReserved": "2023-07-13T07:01:30.677Z",
"dateUpdated": "2024-08-02T07:01:57.286Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3655 (GCVE-0-2023-3655)
Vulnerability from cvelistv5 – Published: 2023-10-03 07:53 – Updated: 2025-06-17 15:04- CWE-749 - Exposed Dangerous Method or Function
| Vendor | Product | Version | |
|---|---|---|---|
| PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH | cashIT! - serving solutions. |
Affected:
0 , ≤ 03.A06rks 2023.02.37
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.299Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cashit.at/"
},
{
"tags": [
"x_transferred"
],
"url": "https://doi.org/10.35011/ww2q-d522"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3655",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-17T15:04:03.031000Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-17T15:04:17.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "cashIT! - serving solutions.",
"vendor": "PoS/ Dienstleistung, Entwicklung \u0026 Vertrieb GmbH",
"versions": [
{
"lessThanOrEqual": "03.A06rks 2023.02.37",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Michael Roland"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Tobias H\u00f6ller"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Daniel Hofer"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Daniel Pekarek"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Michael Preisach"
}
],
"datePublic": "2023-10-03T07:52:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003ecashIT! - serving solutions. Devices from \"PoS/ Dienstleistung, Entwicklung \u0026amp; Vertrieb GmbH\" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...).\u0026nbsp;\u003cspan style=\"background-color: rgb(252, 252, 252);\"\u003eThis vulnerability can be triggered by an HTTP endpoint exposed to the network.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "cashIT! - serving solutions. Devices from \"PoS/ Dienstleistung, Entwicklung \u0026 Vertrieb GmbH\" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...).\u00a0This vulnerability can be triggered by an HTTP endpoint exposed to the network.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-131",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-131 Resource Leak Exposure"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749 Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-02T09:03:27.727Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://www.cashit.at/"
},
{
"url": "https://doi.org/10.35011/ww2q-d522"
}
],
"source": {
"discovery": "USER"
},
"title": "Unauthenticated Remote Database Exfiltration",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2023-3655",
"datePublished": "2023-10-03T07:53:13.467Z",
"dateReserved": "2023-07-13T07:01:29.861Z",
"dateUpdated": "2025-06-17T15:04:17.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3612 (GCVE-0-2023-3612)
Vulnerability from cvelistv5 – Published: 2023-09-11 09:04 – Updated: 2024-09-26 14:32- CWE-749 - Exposed Dangerous Method or Function
| Vendor | Product | Version | |
|---|---|---|---|
| Govee | Govee Home |
Affected:
5.7.03 , < 5.8.01
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:01:57.140Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3612",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-26T14:32:16.829725Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-26T14:32:25.277Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Android",
"iOS"
],
"product": "Govee Home",
"vendor": "Govee",
"versions": [
{
"lessThan": "5.8.01",
"status": "affected",
"version": "5.7.03",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Jan Adamski (johnny1337.pl; jan.adamski@nask.pl)"
}
],
"datePublic": "2023-09-11T10:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Govee Home app has unprotected access to WebView component which can be opened by any app on\u0026nbsp;the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\u0026nbsp;steal sensitive user data by displaying phishing content. "
}
],
"value": "Govee Home app has unprotected access to WebView component which can be opened by any app on\u00a0the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\u00a0steal sensitive user data by displaying phishing content. "
}
],
"impacts": [
{
"capecId": "CAPEC-98",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-98 Phishing"
}
]
},
{
"capecId": "CAPEC-19",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-19 Embedding Scripts within Scripts"
}
]
},
{
"capecId": "CAPEC-22",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-22 Exploiting Trust in Client"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749 Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-13T06:17:09.814Z",
"orgId": "bc375322-d3d7-4481-b261-e29662236cfd",
"shortName": "SK-CERT"
},
"references": [
{
"url": "https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to version 5.8.01 (released on 17.08.2023) or latest"
}
],
"value": "Update to version 5.8.01 (released on 17.08.2023) or latest"
}
],
"source": {
"discovery": "UNKNOWN"
},
"timeline": [
{
"lang": "en",
"time": "2023-07-10T11:00:00.000Z",
"value": "Received information about vulnerability from a security researcher - Jan Adamski (johnny1337.pl; jan.adamski@nask.pl)"
},
{
"lang": "en",
"time": "2023-07-11T11:39:00.000Z",
"value": "Initial notification of the vendor"
},
{
"lang": "en",
"time": "2023-08-03T13:25:00.000Z",
"value": "Vendor confirmed the receipt of vulnerability report"
},
{
"lang": "en",
"time": "2023-08-10T13:25:00.000Z",
"value": "Vendor informed about security update being released on 17.08.2023"
},
{
"lang": "en",
"time": "2023-08-17T00:00:00.000Z",
"value": "Updated version of the application released"
}
],
"title": "Unprotected WebView access in Govee Home App",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "bc375322-d3d7-4481-b261-e29662236cfd",
"assignerShortName": "SK-CERT",
"cveId": "CVE-2023-3612",
"datePublished": "2023-09-11T09:04:09.924Z",
"dateReserved": "2023-07-11T06:15:11.185Z",
"dateUpdated": "2024-09-26T14:32:25.277Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-46156 (GCVE-0-2022-46156)
Vulnerability from cvelistv5 – Published: 2022-11-30 00:00 – Updated: 2025-04-23 16:33| Vendor | Product | Version | |
|---|---|---|---|
| grafana | synthetic-monitoring-agent |
Affected:
< 0.12.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:24:03.303Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grafana/synthetic-monitoring-agent/security/advisories/GHSA-9j4f-f249-q5w8"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grafana/synthetic-monitoring-agent/pull/373"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grafana/synthetic-monitoring-agent/pull/374"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grafana/synthetic-monitoring-agent/pull/375"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grafana/synthetic-monitoring-agent/commit/d8dc7f9c1c641881cbcf0a09e178b90ebf0f0228"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/grafana/synthetic-monitoring-agent/releases/tag/v0.12.0"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-46156",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T15:48:33.582343Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:33:36.977Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "synthetic-monitoring-agent",
"vendor": "grafana",
"versions": [
{
"status": "affected",
"version": "\u003c 0.12.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Synthetic Monitoring Agent for Grafana\u0027s Synthetic Monitoring application provides probe functionality and executes network checks for monitoring remote targets. Users running the Synthetic Monitoring agent prior to version 0.12.0 in their local network are impacted. The authentication token used to communicate with the Synthetic Monitoring API is exposed through a debugging endpoint. This token can be used to retrieve the Synthetic Monitoring checks created by the user and assigned to the agent identified with that token. The Synthetic Monitoring API will reject connections from already-connected agents, so access to the token does not guarantee access to the checks. Version 0.12.0 contains a fix. Users are advised to rotate the agent tokens. After upgrading to version v0.12.0 or later, it\u0027s recommended that users of distribution packages review the configuration stored in `/etc/synthetic-monitoring/synthetic-monitoring-agent.conf`, specifically the `API_TOKEN` variable which has been renamed to `SM_AGENT_API_TOKEN`. As a workaround for previous versions, it\u0027s recommended that users review the agent settings and set the HTTP listening address in a manner that limits the exposure, for example, localhost or a non-routed network, by using the command line parameter `-listen-address`, e.g. `-listen-address localhost:4050`."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-489",
"description": "CWE-489: Active Debug Code",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-30T00:00:00.000Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "https://github.com/grafana/synthetic-monitoring-agent/security/advisories/GHSA-9j4f-f249-q5w8"
},
{
"url": "https://github.com/grafana/synthetic-monitoring-agent/pull/373"
},
{
"url": "https://github.com/grafana/synthetic-monitoring-agent/pull/374"
},
{
"url": "https://github.com/grafana/synthetic-monitoring-agent/pull/375"
},
{
"url": "https://github.com/grafana/synthetic-monitoring-agent/commit/d8dc7f9c1c641881cbcf0a09e178b90ebf0f0228"
},
{
"url": "https://github.com/grafana/synthetic-monitoring-agent/releases/tag/v0.12.0"
}
],
"source": {
"advisory": "GHSA-9j4f-f249-q5w8",
"discovery": "UNKNOWN"
},
"title": "Grafana\u0027s default installation of `synthetic-monitoring-agent` exposes sensitive information"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2022-46156",
"datePublished": "2022-11-30T00:00:00.000Z",
"dateReserved": "2022-11-28T00:00:00.000Z",
"dateUpdated": "2025-04-23T16:33:36.977Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-37365 (GCVE-0-2022-37365)
Vulnerability from cvelistv5 – Published: 2023-03-29 00:00 – Updated: 2025-02-18 19:14- CWE-749 - Exposed Dangerous Method or Function
| Vendor | Product | Version | |
|---|---|---|---|
| PDF-XChange | PDF-XChange Editor |
Affected:
9.3.361.0
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:29:20.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1093/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-37365",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-18T19:14:40.388210Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T19:14:45.602Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "PDF-XChange Editor",
"vendor": "PDF-XChange",
"versions": [
{
"status": "affected",
"version": "9.3.361.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "kimiya"
}
],
"descriptions": [
{
"lang": "en",
"value": "This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the saveAs method. The application exposes a JavaScript interface that allows the attacker to write arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-17527."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749: Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-03-29T00:00:00.000Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"url": "https://www.tracker-software.com/product/pdf-xchange-editor/history"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-22-1093/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2022-37365",
"datePublished": "2023-03-29T00:00:00.000Z",
"dateReserved": "2022-08-02T00:00:00.000Z",
"dateUpdated": "2025-02-18T19:14:45.602Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-4136 (GCVE-0-2022-4136)
Vulnerability from cvelistv5 – Published: 2022-11-24 00:00 – Updated: 2025-04-14 17:48- CWE-749 - Exposed Dangerous Method or Function
| Vendor | Product | Version | |
|---|---|---|---|
| qmpaas | qmpaas/leadshop |
Affected:
unspecified , < 1.4.16
(custom)
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:27:54.510Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://huntr.dev/bounties/fe418ae1-7c80-4d91-8a5a-923d60ba78c3"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/qmpaas/leadshop/commit/f27e9ca5c93eaadda1097396b65c234b16186d67"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-4136",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T15:28:29.935281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T17:48:17.480Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "qmpaas/leadshop",
"vendor": "qmpaas",
"versions": [
{
"lessThan": "1.4.16",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Dangerous method exposed which can lead to RCE in qmpass/leadshop v1.4.15 allows an attacker to control the target host by calling any function in leadshop.php via the GET method."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "CWE-749 Exposed Dangerous Method or Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-24T00:00:00.000Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntrdev"
},
"references": [
{
"url": "https://huntr.dev/bounties/fe418ae1-7c80-4d91-8a5a-923d60ba78c3"
},
{
"url": "https://github.com/qmpaas/leadshop/commit/f27e9ca5c93eaadda1097396b65c234b16186d67"
}
],
"source": {
"advisory": "fe418ae1-7c80-4d91-8a5a-923d60ba78c3",
"discovery": "EXTERNAL"
},
"title": "Exposed Dangerous Method or Function in qmpaas/leadshop"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntrdev",
"cveId": "CVE-2022-4136",
"datePublished": "2022-11-24T00:00:00.000Z",
"dateReserved": "2022-11-24T00:00:00.000Z",
"dateUpdated": "2025-04-14T17:48:17.480Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-42128 (GCVE-0-2021-42128)
Vulnerability from cvelistv5 – Published: 2021-12-07 13:13 – Updated: 2024-08-04 03:30- CWE-749 - Exposed Dangerous Method or Function (CWE-749)
| URL | Tags |
|---|---|
| https://forums.ivanti.com/s/article/Security-Aler… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Ivanti Avalanche |
Affected:
6.3.3
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T03:30:36.382Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Ivanti Avalanche",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.3.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-749",
"description": "Exposed Dangerous Method or Function (CWE-749)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-07T13:13:10.000Z",
"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"shortName": "hackerone"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "support@hackerone.com",
"ID": "CVE-2021-42128",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Ivanti Avalanche",
"version": {
"version_data": [
{
"version_value": "6.3.3"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exposed dangerous function vulnerability exists in Ivanti Avalanche before 6.3.3 using inforail Service allows Privilege Escalation via Enterprise Server Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Exposed Dangerous Method or Function (CWE-749)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3",
"refsource": "MISC",
"url": "https://forums.ivanti.com/s/article/Security-Alert-CVE-s-Addressed-in-Avalanche-6-3-3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1",
"assignerShortName": "hackerone",
"cveId": "CVE-2021-42128",
"datePublished": "2021-12-07T13:13:10.000Z",
"dateReserved": "2021-10-08T00:00:00.000Z",
"dateUpdated": "2024-08-04T03:30:36.382Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
If you must expose a method, make sure to perform input validation on all arguments, limit access to authorized parties, and protect against all possible vulnerabilities.
Mitigation
Strategy: Attack Surface Reduction
- Identify all exposed functionality. Explicitly list all functionality that must be exposed to some user or set of users. Identify which functionality may be:
- Ensure that the implemented code follows these expectations. This includes setting the appropriate access modifiers where applicable (public, private, protected, etc.) or not marking ActiveX controls safe-for-scripting.
- accessible to all users
- restricted to a small set of privileged users
- prevented from being directly accessible at all
CAPEC-500: WebView Injection
An adversary, through a previously installed malicious application, injects code into the context of a web page displayed by a WebView component. Through the injected code, an adversary is able to manipulate the DOM tree and cookies of the page, expose sensitive information, and can launch attacks against the web application from within the web page.