CVE-2022-23766
BigFileAgent arbitrary file execution vulnerability
An improper input validation vulnerability leading to arbitrary file execution was discovered in BigFileAgent. In order to cause arbitrary files to be executed, the attacker makes the victim access a web page d by them or inserts a script using XSS into a general website.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
Bluetree Co., Ltd · BigFileAgentWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →