CVE-2022-46997

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867

Description The issue allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges via a code execution backdoor in the request package.

Recommendations For Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867, consider removing or disabling the vulnerable code to prevent exploitation until a fixed version is available. As a temporary workaround, restrict access to sensitive user information and digital currency keys to minimize the risk of unauthorized access.

Exploit

Fix

Hidden Functionality

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-912

Related Identifiers

CVE-2022-46997

Affected Products

Passhunt

CVE-2022-46997

Weakness Enumeration

Related Identifiers

Affected Products

References · 7