PT-2022-20113 · Ginadmin · Ginadmin

Published

2022-05-25

·

Updated

2022-06-08

·

CVE-2022-30428

CVSS v3.1

7.5

High

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions ginadmin through 05-10-2022
Description The issue arises from the lack of filtering on the incoming path value, leading to arbitrary file reading.
Recommendations For ginadmin through 05-10-2022, update to a version that includes the fix available on the master branch of the repository.

Exploit

Fix

Path traversal

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-552

Related Identifiers

CVE-2022-30428
GHSA-5824-6JFV-XR3R

Affected Products

Ginadmin