← back
CVE-2022-0074

Privilege Escalation in OpenLiteSpeed Web Server

CVSS 8.8 HIGHEPSS 1.2%CWE-426
Untrusted Search Path vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server Container allows Privilege Escalation. This affects versions from 1.6.15 before 1.7.16.1.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
LiteSpeed Technologies · LiteSpeed Web ServerLiteSpeed Technologies · OpenLiteSpeed Web Server

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/litespeedtech/ols-dockerfiles/blob/master/template/Dockerfile#L29