Arian Rakhimi

Researcher fromPositive Technologies
#11341of 53,638
24.3Total CVSS
Vulnerabilities · 3
Medium
1
High
2
PT-2022-4185
10
2022-03-23
Unknown · Passwork On-Premise Edition · CVE-2022-25267
**Name of the Vulnerable Software and Affected Versions** Passwork On-Premise Edition versions prior to 4.6.13 **Description** The issue is related to incorrect restriction of the path name to a directory with limited access. This allows a remote attacker to upload arbitrary files to the system. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where this issue was exploited. **Recommendations** For Passwork On-Premise Edition versions prior to 4.6.13, update to version 4.6.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the migration/uploadExportFile functionality to minimize the risk of exploitation.
PT-2022-4186
10
2022-03-23
Passwork · Passwork On-Premise Edition · CVE-2022-25268
**Name of the Vulnerable Software and Affected Versions** Passwork On-Premise Edition versions prior to 4.6.13 **Description** The issue is related to a CSRF vulnerability in the password manager Passwork. This vulnerability can be exploited by a remote attacker to perform a CSRF attack via the groups, password, and history subsystems. **Recommendations** For Passwork On-Premise Edition versions prior to 4.6.13, update to version 4.6.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the groups, password, and history subsystems to minimize the risk of exploitation.
PT-2022-4188
4.3
2022-03-23
Unknown · Passwork On-Premise Edition · CVE-2022-25266
**Name of the Vulnerable Software and Affected Versions** Passwork On-Premise Edition versions prior to 4.6.13 **Description** The issue is related to incorrect restriction of the path name to a directory with limited access. An attacker can exploit this by manipulating URL parameters to gain access to local files and directories on the server. This allows for directory traversal, enabling the reading of files. **Recommendations** For Passwork On-Premise Edition versions prior to 4.6.13, update to version 4.6.13 or later to resolve the issue. As a temporary workaround, consider restricting access to the `migration/downloadExportFile` endpoint until a patch is available. Avoid using the vulnerable endpoint to minimize the risk of exploitation.