CVE-2022-3387: Path Traversal
First published: Thu Oct 27 2022(Updated: )
Advantech R-SeeNet Versions 2.4.19 and prior are vulnerable to path traversal attacks. An unauthorized attacker could remotely exploit vulnerable PHP code to delete .PDF files.
Credit: ics-cert@hq.dhs.gov
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Advantech R-SeeNet | <=2.4.19 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-3387?
CVE-2022-3387 is a vulnerability in Advantech R-SeeNet versions 2.4.19 and prior that allows for path traversal attacks and unauthorized deletion of .PDF files.
What is the severity of CVE-2022-3387?
CVE-2022-3387 has a severity rating of 5.3, which is considered medium.
How does CVE-2022-3387 affect Advantech R-SeeNet?
CVE-2022-3387 affects Advantech R-SeeNet versions 2.4.19 and prior, allowing for path traversal attacks and unauthorized deletion of .PDF files.
How can an unauthorized attacker exploit CVE-2022-3387?
An unauthorized attacker can remotely exploit the vulnerable PHP code in Advantech R-SeeNet to perform path traversal attacks and delete .PDF files.
Is there a fix available for CVE-2022-3387?
Yes, it is recommended to update Advantech R-SeeNet to a version beyond 2.4.19 to mitigate the path traversal vulnerability and prevent unauthorized deletion of .PDF files.
- collector/nvd-index
- vendor/advantech
- canonical/advantech r-seenet
- version/advantech r-seenet/2.4.19