CVE-2022-1753
First published: Tue May 17 2022(Updated: )
A vulnerability, which was classified as critical, was found in WoWonder. Affected is the file /requests.php which is responsible to handle group messages. The manipulation of the argument group_id allows posting messages in other groups. It is possible to launch the attack remotely but it might require authentication. A video explaining the attack has been disclosed to the public.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Wowonder Wowonder |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2022-1753?
The severity of CVE-2022-1753 is medium.
How does CVE-2022-1753 affect WoWonder?
CVE-2022-1753 affects WoWonder by allowing the manipulation of the group_id argument which can lead to unauthorized posting of messages in other groups.
Can the attack for CVE-2022-1753 be launched remotely?
Yes, the attack for CVE-2022-1753 can be launched remotely.
What software is affected by CVE-2022-1753?
The software affected by CVE-2022-1753 is Wowonder.
How can I fix CVE-2022-1753?
To fix CVE-2022-1753, it is recommended to apply the latest security patch provided by Wowonder.
- collector/nvd-index
- vendor/wowonder
- canonical/wowonder wowonder