CVE-2022-4018

Missing Authentication for Critical Function in ikus060/rdiffweb

CVSS 6.1 MEDIUMEPSS 0.8%CWE-306

Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.

CVSS:3.0/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H

Affected products

ikus060 · ikus060/rdiffweb

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/ikus060/rdiffweb/commit/f2a32f2a9f3fb8be1a9432ac3d81d3aacdb13095 https://huntr.dev/bounties/5340c2f6-0252-40f6-8929-cca5d64958a5