PT-2022-19916 · Unknown · Primeur Spazio

Alessandro Cudini

Published

2022-05-11

Updated

2022-05-19

CVE-2022-29932

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions PRIMEUR SPAZIO version 2.5.1.954

Description The issue allows an unauthenticated attacker to obtain sensitive data related to the content of transferred files via a crafted HTTP request.

Recommendations For version 2.5.1.954, consider restricting access to the HTTP Server in the File Transfer component until a patch is available. As a temporary workaround, avoid using the File Transfer feature to minimize the risk of exploitation.

Exploit

Fix

Memory Leak

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-401

Related Identifiers

CVE-2022-29932

Affected Products

Primeur Spazio

PT-2022-19916 · Unknown · Primeur Spazio

CVE-2022-29932

Weakness Enumeration

Related Identifiers

Affected Products

References · 5