CVE-2022-23121 in Netalkinformação

Sumário

de MITRE • 28/03/2023

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819.

Be aware that VulDB is the high quality source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservar

11/01/2022

Divulgação

28/03/2023

Moderação

aceite

Entrada

VDB-216336

CPE

pronto

CWE

CWE-120 (confirmado)

CVSS

9.8 (NVD)

EPSS

0.16823

KEV

não

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2022-23121
NVD	https://nvd.nist.gov/vuln/detail/CVE-2022-23121
CVE Details	https://www.cvedetails.com/cve/CVE-2022-23121/

◂ Voltar Visão Geral Próximo ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!