cbcvebase.
CVE-2022-0072
published 2022-10-27

CVE-2022-0072: Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects…

PriorityP431medium5.8CVSS 3.1
AVNACLPRNUINSCCLINAN
EPSS
0.97%
57.5th percentile
Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1

Affected

10 ranges
VendorProductVersion rangeFixed in
litespeed_technologieslitespeed_web_server1.5.11 – 1.5.12
litespeed_technologieslitespeed_web_server1.6.5 – 1.6.20.1
litespeed_technologieslitespeed_web_server>= 1.7.0 < 1.7.16.11.7.16.1
litespeed_technologiesopenlitespeed_web_server1.5.11 – 1.5.12
litespeed_technologiesopenlitespeed_web_server1.6.5 – 1.6.20.1
litespeed_technologiesopenlitespeed_web_server>= 1.7.0 < 1.7.16.11.7.16.1
litespeedtechopenlitespeed
litespeedtechopenlitespeed
litespeedtechopenlitespeed1.6.5 – 1.6.20.1
litespeedtechopenlitespeed>= 1.7.0 < 1.7.16.11.7.16.1
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.