CVE-2022-0557
unknown
CVSS v3
—
CVSS v2
—
VIR risk
—
Description
OS Command Injection in Microweber
Predictions
Exploit likelihood
20%
Patch ETA
—
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No vendor mitigations ingested yet for this CVE. The mitigation-content worker queues fetches as references arrive — check back in a few minutes, or see the references list below.
Package impact
| Ecosystem | Package | Vulnerable | Fixed |
|---|---|---|---|
| Packagist | microweber/microweber | <1.2.11 | 1.2.11 |
References
- https://nvd.nist.gov/vuln/detail/CVE-2022-0557
- https://github.com/microweber/microweber/commit/0a7e5f1d81de884861ca677ee1aaac31f188d632
- https://github.com/microweber/microweber
- https://huntr.dev/bounties/660c89af-2de5-41bc-aada-9e4e78142db8
- https://www.exploit-db.com/exploits/50768
- http://packetstormsecurity.com/files/166077/Microweber-1.2.11-Shell-Upload.html
Verify integrity in audit chain (admin only). AS-IS.