PT-2022-28079 · Wildix · Wildix Wms+1

Published: 2022-12-21 · Updated: 2023-01-03 · CVE-2022-47635

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Wildix WMS versions 6.02.20221215 and earlier
Wildix WMS versions 5.04.20221213 and earlier
Wildix WMS4 versions 4.04.45396.22 and earlier

Description

The issue allows server-side request forgery (SSRF) via ZohoClient.php. An attacker can potentially exploit it to make the server issue forged requests to other services, leading to unauthorized access or data exposure.

Recommendations

For Wildix WMS version 6, update to version 6.02.20221216 or later.
For Wildix WMS version 5, update to version 5.04.20221214 or later.
For Wildix WMS4, update to version 4.04.45396.23 or later.
As a temporary workaround, consider restricting access to the ZohoClient.php file until a patch is applied.
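To turn the version thresholds above into an inventory check, here is an added Python example that is not Wildix's code and not part of the advisory; it assumes Wildix build numbers compare as dotted integers, and the host names and versions in the sample inventory are constructed.

```python
# Added example (not part of the advisory): decide whether a Wildix WMS
# build is within the affected range published for CVE-2022-47635.
# Version strings are compared segment by segment as integers, which is an
# assumption about how Wildix orders its builds (e.g. 6.02.20221215).
from typing import Optional, Tuple

# Last affected build per major branch, taken from the advisory text.
LAST_AFFECTED = {
    4: (4, 4, 45396, 22),   # WMS4 4.04.45396.22 and earlier
    5: (5, 4, 20221213),    # WMS 5.04.20221213 and earlier
    6: (6, 2, 20221215),    # WMS 6.02.20221215 and earlier
}


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '6.02.20221215' into (6, 2, 20221215); raise on junk."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a numeric dotted version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> Optional[bool]:
    """True if the build is at or below the last affected build of its
    branch, False if it is a fixed build, None if the major branch is not
    covered by this advisory (treat that as 'unknown', not as 'safe')."""
    v = parse_version(version)
    last = LAST_AFFECTED.get(v[0])
    if last is None:
        return None
    return v <= last


if __name__ == "__main__":
    # Constructed sample inventory: host -> reported WMS version.
    inventory = {
        "pbx-a.example": "6.02.20221215",
        "pbx-b.example": "6.02.20221216",
        "pbx-c.example": "5.04.20221101",
        "pbx-d.example": "4.04.45396.23",
        "pbx-e.example": "7.00.1",
    }
    labels = {True: "AFFECTED", False: "fixed", None: "unknown branch"}
    for host, ver in inventory.items():
        print(f"{host:16} {ver:16} {labels[is_affected(ver)]}")
```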

Fix

Weakness Enumeration

SSRF

Related Identifiers

CVE-2022-47635

Affected Products

Wildix Wms
Wildix Wms4