Vulnerability CVE-2022-24077

Vulnerability CVE-2022-24077

Published: 2022-06-13

Description:

Naver Cloud Explorer Beta allows the attacker to execute arbitrary code as System privilege via malicious DLL injection.

Type:

CWE-427

(Uncontrolled Search Path Element)

CVSS2 => (AV:L/AC:M/Au:N/C:C/I:C/A:C)

CVSS Base Score	Impact Subscore	Exploitability Subscore
6.9/10	10/10	3.4/10

Exploit range	Attack complexity	Authentication
Local	Medium	No required
Confidentiality impact	Integrity impact	Availability impact
Complete	Complete	Complete

Affected software
Naver -> Cloud explorer

References:

https://cve.naver.com/detail/cve-2022-24077.html

Copyright 2024, cxsecurity.com