Security Advisory

CVE-2022-29281

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-04-15 20:41:14

Last updated 2024-08-03 06:17:54

Assigner mitre

State PUBLISHED

Description

Notable before 1.9.0-beta.8 doesnt effectively prevent the opening of executable files when clicking on a link. There is improper validation of the file URI scheme. A hyperlink to an SMB share could lead to execution of an arbitrary program (or theft of NTLM credentials via an SMB relay attack, because the application resolves UNC paths).

← Browse all CVEs View on cve.org ↗