← back
CVE-2022-45184

CVE-2022-45184

EPSS 1.9%
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafted HTTP request to particular endpoints in the web server. Patched Versions are 3.5.3 and 3.4.7.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://blog.ironmansoftware.com/psu-2022-11-cve/https://docs.powershelluniversal.com/changeloghttps://ironmansoftware.com