PT-2022-18724 · Xmanager · Xmanager
Published
2022-03-31
·
Updated
2022-04-08
·
CVE-2022-27964
CVSS v2.0
6.9
Medium
| Vector | AV:L/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Xmanager versions 7.0.0096 and below
Description
The issue allows attackers to execute arbitrary code via a crafted .exe file. This is achieved through a binary hijack vulnerability.
Recommendations
For Xmanager versions 7.0.0096 and below, consider avoiding the use of crafted .exe files until a patch is available. As a temporary workaround, restrict the execution of arbitrary code to minimize the risk of exploitation.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Xmanager