CVE-2022-26838

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Aug 3, 2023

Updated: Aug 8, 2023

CWE ID 22

Summary

CVE-2022-26838 is a path traversal vulnerability affecting the Importing Mobile Device Data feature of Cybozu Remote Service version 3.1.2. An attacker who has gained valid authentication can manipulate file paths during the data import process, leading to a denial-of-service condition. The vulnerability allows unintended file access, potentially causing service disruption and hindering legitimate users. To mitigate this risk, it is recommended that users update their Cybozu Remote Service to the latest version as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Cybozu

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sNbs_R
https://www.cve.org/CVERecord?id=CVE-2022-26838
https://nvd.nist.gov/vuln/detail/CVE-2022-26838

Back to Vulnerability Database

CVE-2022-26838

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations