ID:10534 - Exploit for Improper input validation in Oracle Web Applications Desktop Integrator - CVE-2022-21587

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:10534 - Exploit for Improper input validation in Oracle Web Applications Desktop Integrator - CVE-2022-21587

ID:10534 - Exploit for Improper input validation in Oracle Web Applications Desktop Integrator - CVE-2022-21587

Published: September 27, 2024


Vulnerability identifier: #VU68431
Vulnerability risk: High
CVE-ID: CVE-2022-21587
CWE-ID: CWE-20
Exploitation vector: Remote access
Vulnerable software:
Oracle Web Applications Desktop Integrator

Link to public exploit:


Vulnerability description

The vulnerability allows a remote non-authenticated attacker to execute arbitrary code.

The vulnerability exists due to improper input validation within the Upload component in Oracle Web Applications Desktop Integrator. A remote non-authenticated attacker can exploit this vulnerability to execute arbitrary code.


Remediation

Install updates from vendor's website.