PT-2022-17375 · Bluedon Information Security Technologies Co. · Internet Access Detector

Published

2022-03-24

Updated

2023-08-08

CVE-2022-25571

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Bluedon Information Security Technologies Co.,Ltd Internet Access Detector version 1.0

Description The issue allows attackers to access the contents of the password file via unspecified vectors, resulting in an information leak.

Recommendations For version 1.0, consider restricting access to sensitive files, such as the password file, until a fix is available. As a temporary workaround, limit the privileges of the application to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-25571

Affected Products

Internet Access Detector

CVE-2022-25571

Related Identifiers

Affected Products

References · 4