PT-2022-23473 · Wamp · Wamp
Published
2022-08-30
·
Updated
2023-08-08
·
CVE-2022-36565
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Wamp versions 3.2.6 and below
Description
The issue is related to incorrect access control in the install directory of Wamp, allowing authenticated attackers to execute arbitrary code by overwriting binaries in the directory.
Recommendations
For Wamp versions 3.2.6 and below, update to a version above 3.2.6 to resolve the issue.
As a temporary workaround, consider restricting access to the install directory to prevent overwriting of binaries.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Wamp