Skip to main content

Aria

3 CVEs product

Monthly

CVE-2022-24237 HIGH POC THREAT This Week

The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Aria
NVD
CVSS 3.1
8.8
EPSS
25.3%
CVE-2022-24236 LOW POC Monitor

An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Aria
NVD
CVSS 3.1
3.5
EPSS
0.5%
CVE-2022-24235 HIGH POC This Week

A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE CSRF Aria
NVD
CVSS 3.1
8.8
EPSS
0.7%
EPSS 25% CVSS 8.8
HIGH POC THREAT This Week

The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Command Injection Aria
NVD
EPSS 1% CVSS 3.5
LOW POC Monitor

An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Aria
NVD
EPSS 1% CVSS 8.8
HIGH POC This Week

A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

RCE CSRF Aria
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy