CVE-2022-39033 (GCVE-0-2022-39033)

Vulnerability from cvelistv5 – Published: 2022-09-28 03:25 – Updated: 2025-05-21 14:51
VLAI
Title
Smart eVision - Path Traversal -1
Summary
Smart eVision’s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication, access restricted paths to download and delete arbitrary system files to disrupt service.
Severity
9.8 (Critical)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
Date Public
2022-09-28 00:00
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T11:10:32.292Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2022-39033",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-21T14:51:21.385646Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-21T14:51:32.612Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Smart eVision",
          "vendor": "Smart eVision Information Technology Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "2022.02.21"
            }
          ]
        }
      ],
      "datePublic": "2022-09-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Smart eVision\u2019s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication, access restricted paths to download and delete arbitrary system files to disrupt service."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-28T03:25:38.000Z",
        "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "shortName": "twcert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Contact tech support from Smart eVision Information Technology Inc."
        }
      ],
      "source": {
        "advisory": "TVN-202209006",
        "discovery": "EXTERNAL"
      },
      "title": "Smart eVision - Path Traversal -1",
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "AKA": "TWCERT/CC",
          "ASSIGNER": "cve@cert.org.tw",
          "DATE_PUBLIC": "2022-09-28T03:00:00.000Z",
          "ID": "CVE-2022-39033",
          "STATE": "PUBLIC",
          "TITLE": "Smart eVision - Path Traversal -1"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Smart eVision",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "=",
                            "version_value": "2022.02.21"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Smart eVision Information Technology Inc."
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Smart eVision\u2019s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication, access restricted paths to download and delete arbitrary system files to disrupt service."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html",
              "refsource": "MISC",
              "url": "https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Contact tech support from Smart eVision Information Technology Inc."
          }
        ],
        "source": {
          "advisory": "TVN-202209006",
          "discovery": "EXTERNAL"
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
    "assignerShortName": "twcert",
    "cveId": "CVE-2022-39033",
    "datePublished": "2022-09-28T03:25:38.574Z",
    "dateReserved": "2022-08-30T00:00:00.000Z",
    "dateUpdated": "2025-05-21T14:51:32.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-39033",
      "date": "2026-05-30",
      "epss": "0.01402",
      "percentile": "0.80742"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-39033\",\"sourceIdentifier\":\"twcert@cert.org.tw\",\"published\":\"2022-09-28T04:15:14.883\",\"lastModified\":\"2024-11-21T07:17:24.990\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Smart eVision\u2019s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication, access restricted paths to download and delete arbitrary system files to disrupt service.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n file acquisition de Smart eVision presenta una vulnerabilidad de cruce de rutas debido a un filtrado insuficiente de caracteres especiales en el par\u00e1metro URL. Un atacante remoto no autenticado puede explotar esta vulnerabilidad para saltarse la autenticaci\u00f3n, acceder a rutas restringidas para descargar y eliminar archivos del sistema arbitrarios para interrumpir el servicio\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"twcert@cert.org.tw\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-22\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:lcnet:smart_evision:2022.02.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BD6F48-0614-4FCE-ACA4-EAB16D9B1E22\"}]}]}],\"references\":[{\"url\":\"https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html\",\"source\":\"twcert@cert.org.tw\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"Smart eVision\", \"vendor\": \"Smart eVision Information Technology Inc.\", \"versions\": [{\"status\": \"affected\", \"version\": \"2022.02.21\"}]}], \"datePublic\": \"2022-09-28T00:00:00.000Z\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"Smart eVision\\u2019s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication, access restricted paths to download and delete arbitrary system files to disrupt service.\"}], \"metrics\": [{\"cvssV3_1\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}], \"problemTypes\": [{\"descriptions\": [{\"cweId\": \"CWE-22\", \"description\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\", \"lang\": \"en\", \"type\": \"CWE\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2022-09-28T03:25:38.000Z\", \"orgId\": \"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e\", \"shortName\": \"twcert\"}, \"references\": [{\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Contact tech support from Smart eVision Information Technology Inc.\"}], \"source\": {\"advisory\": \"TVN-202209006\", \"discovery\": \"EXTERNAL\"}, \"title\": \"Smart eVision - Path Traversal -1\", \"x_generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"x_legacyV4Record\": {\"CVE_data_meta\": {\"AKA\": \"TWCERT/CC\", \"ASSIGNER\": \"cve@cert.org.tw\", \"DATE_PUBLIC\": \"2022-09-28T03:00:00.000Z\", \"ID\": \"CVE-2022-39033\", \"STATE\": \"PUBLIC\", \"TITLE\": \"Smart eVision - Path Traversal -1\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"Smart eVision\", \"version\": {\"version_data\": [{\"version_affected\": \"=\", \"version_value\": \"2022.02.21\"}]}}]}, \"vendor_name\": \"Smart eVision Information Technology Inc.\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Smart eVision\\u2019s file acquisition function has a path traversal vulnerability due to insufficient filtering for special characters in the URL parameter. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication, access restricted paths to download and delete arbitrary system files to disrupt service.\"}]}, \"generator\": {\"engine\": \"Vulnogram 0.0.9\"}, \"impact\": {\"cvss\": {\"attackComplexity\": \"LOW\", \"attackVector\": \"NETWORK\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"scope\": \"UNCHANGED\", \"userInteraction\": \"NONE\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"version\": \"3.1\"}}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html\", \"refsource\": \"MISC\", \"url\": \"https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html\"}]}, \"solution\": [{\"lang\": \"en\", \"value\": \"Contact tech support from Smart eVision Information Technology Inc.\"}], \"source\": {\"advisory\": \"TVN-202209006\", \"discovery\": \"EXTERNAL\"}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T11:10:32.292Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://www.twcert.org.tw/tw/cp-132-6570-9c632-1.html\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-39033\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-21T14:51:21.385646Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-21T14:51:25.711Z\"}}]}",
      "cveMetadata": "{\"assignerOrgId\": \"cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e\", \"assignerShortName\": \"twcert\", \"cveId\": \"CVE-2022-39033\", \"datePublished\": \"2022-09-28T03:25:38.574Z\", \"dateReserved\": \"2022-08-30T00:00:00.000Z\", \"dateUpdated\": \"2025-05-21T14:51:32.612Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.





Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.


Detection rules are retrieved from Rulezet.