PT-2022-22009 · Micro Star International · Msi Feature Navigator

Published

2022-09-12

Updated

2022-09-15

CVE-2022-34110

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions Micro-Star International MSI Feature Navigator version 1.0.1808.0901

Description An issue in the software allows attackers to download arbitrary files, regardless of the file type or size.

Recommendations For version 1.0.1808.0901, consider restricting access to the file download functionality until a patch is available. As a temporary workaround, limit the types and sizes of files that can be downloaded to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2022-34110

Affected Products

Msi Feature Navigator

PT-2022-22009 · Micro Star International · Msi Feature Navigator

CVE-2022-34110

Related Identifiers

Affected Products

References · 8