RSS   Vulnerabilities for 'ARIA'   RSS

2022-03-21
 
CVE-2022-24235

CWE-352
 

 
A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors.

 
 
CVE-2022-24236

CWE-732
 

 
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts.

 
 
CVE-2022-24237

CWE-77
 

 
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands.

 


Copyright 2024, cxsecurity.com

 

Back to Top