PT-2023-7165 · Adobe · Robohelp Server

Published

2023-11-14

Updated

2023-11-22

CVE-2023-22273

CVSS v2.0

8.3

High

Vector

AV:N/AC:L/Au:M/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Adobe RoboHelp Server versions 11.4 and earlier

Description The issue is related to an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') that could lead to Remote Code Execution by an admin authenticated attacker. Exploitation of this issue does not require user interaction.

Recommendations For Adobe RoboHelp Server versions 11.4 and earlier, update to a version later than 11.4 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

BDU:2023-08192

CVE-2023-22273

ZDI-23-1652

Affected Products

Robohelp Server

PT-2023-7165 · Adobe · Robohelp Server

CVE-2023-22273

Weakness Enumeration

Related Identifiers

Affected Products

References · 6