CVE-2022-26838

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 3, 2023
Updated: Aug 8, 2023
CWE ID 22

Summary

CVE-2022-26838 is a path traversal vulnerability affecting the Importing Mobile Device Data feature of Cybozu Remote Service version 3.1.2. An attacker who has gained valid authentication can manipulate file paths during the data import process, leading to a denial-of-service condition. The vulnerability allows unintended file access, potentially causing service disruption and hindering legitimate users. To mitigate this risk, it is recommended that users update their Cybozu Remote Service to the latest version as soon as possible.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share