CVE-2022-38120
Published: 2022-11-10
Priority: P3 (50) · Severity: medium · CVSS 3.1 base score: 6.5
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploit: available · EPSS: 5.58% (91.9th percentile)
UPSMON PRO has a path traversal vulnerability. A remote attacker with general user privilege can exploit it to bypass authentication and access arbitrary system files.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| powercom_co_ltd | upsmon_pro | — | — |
| upspowercom | upsmon_pro | — | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests to the UPSMON PRO web service for path traversal patterns (including URL-encoded and double-encoded `../` sequences), particularly attempts to reach the configuration file, which holds credentials for the web service, mail server, application, and SMS service.
- A remote attacker with only general user privilege can exploit this path traversal to bypass authentication; alert on unauthenticated or low-privilege requests that reach sensitive file paths on UPSMON PRO endpoints, and treat a 200 response to such a request as a likely successful read.
- The Metasploit module targets UPSMON PRO versions up to and including v2.61; scope detections by inventory version so that patched hosts do not generate false positives.
- This CVE is closely paired with CVE-2022-38121 (credential exposure via the retrieved config file); detections and incident response should assume the two are chained, and a confirmed traversal read of the config file should trigger rotation of every credential it contains.
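The following is an added detection example for the notes above; it is not from the page's sources, the Metasploit module, or the vendor. It parses constructed access-log lines, percent-decodes the request target until stable (so double-encoded `..` is visible), folds backslashes to `/`, flags requests whose `..` segments climb above the web root, keeps only hosts whose inventory version is at or below 2.61 (the range the Metasploit note quotes), and tags hits that land on a configuration-style file so the CVE-2022-38121 follow-up can be chained. The log format, host names, user names, the `ASSET_VERSIONS` inventory and the config-file extension list are all hypothetical; UPSMON PRO's real log format and config file name are not given on the page.

```python
"""Path-traversal detection over constructed access logs, version-scoped to
UPSMON PRO hosts in the affected range. Example code, not UPSMON PRO's own."""
import re
from urllib.parse import unquote

# Hypothetical asset inventory: host -> UPSMON PRO version (assumption).
ASSET_VERSIONS = {
    "ups-01.example.internal": "2.61",  # within the affected range
    "ups-02.example.internal": "2.62",  # assumed patched
}
MAX_AFFECTED_VERSION = (2, 61)  # "up to and including v2.61" per the page

# Constructed key=value access-log format; not UPSMON PRO's real log format.
LOG_RE = re.compile(
    r'ts=(?P<ts>\S+) host=(?P<host>\S+) src=(?P<src>\S+) user=(?P<user>\S+) '
    r'method=(?P<method>\S+) target="(?P<target>[^"]*)" status=(?P<status>\d{3})'
)
# Hypothetical: extensions a credential-bearing config file might carry.
CONFIG_FILE_RE = re.compile(r"\.(ini|conf|cfg|xml|properties)$", re.I)

SAMPLE_LOGS = [  # constructed sample lines
    'ts=2022-11-10T10:00:01Z host=ups-01.example.internal src=10.0.0.5 user=operator method=GET target="/index.html" status=200',
    'ts=2022-11-10T10:00:02Z host=ups-01.example.internal src=10.0.0.9 user=operator method=GET target="/static/../../../upsmon.ini" status=200',
    'ts=2022-11-10T10:00:03Z host=ups-01.example.internal src=10.0.0.9 user=operator method=GET target="/%252e%252e/%252e%252e/etc/passwd" status=200',
    'ts=2022-11-10T10:00:04Z host=ups-02.example.internal src=10.0.0.9 user=operator method=GET target="/../../upsmon.ini" status=404',
    'ts=2022-11-10T10:00:05Z host=ups-01.example.internal src=10.0.0.7 user=operator method=GET target="/static/../index.html" status=200',
]


def parse_version(v):
    """'2.61' -> (2, 61); components are compared numerically (assumption)."""
    return tuple(int(p) for p in v.split("."))


def host_in_affected_range(host):
    """True only for inventoried hosts at or below the affected version."""
    v = ASSET_VERSIONS.get(host)
    return v is not None and parse_version(v) <= MAX_AFFECTED_VERSION


def decode_target(target):
    """Percent-decode until the string stops changing (defeats %252e double
    encoding), fold backslashes to '/', and drop any query string."""
    prev, cur = None, target
    while cur != prev:
        prev, cur = cur, unquote(cur)
    return cur.replace("\\", "/").split("?", 1)[0]


def escapes_root(path):
    """True if '..' segments pop above the web root; '/a/../b' is not flagged."""
    depth = 0
    for seg in path.split("/"):
        if seg == "..":
            depth -= 1
            if depth < 0:
                return True
        elif seg and seg != ".":
            depth += 1
    return False


def analyze(lines):
    """Return one alert dict per traversal attempt against an affected host."""
    alerts = []
    for line in lines:
        m = LOG_RE.search(line)
        if not m or not host_in_affected_range(m["host"]):
            continue  # unparsable, unknown host, or outside the affected range
        path = decode_target(m["target"])
        if not escapes_root(path):
            continue
        alerts.append({
            "ts": m["ts"], "host": m["host"], "src": m["src"], "user": m["user"],
            "path": path,
            "succeeded": m["status"] == "200",
            # a config-file hit is the CVE-2022-38121 chaining signal
            "config_file": bool(CONFIG_FILE_RE.search(path)),
        })
    return alerts


if __name__ == "__main__":
    for alert in analyze(SAMPLE_LOGS):
        print(alert)
```

On the constructed sample, the two requests from 10.0.0.9 against ups-01 are flagged (one decoded from double-encoded `%252e%252e`, one reaching a config-style file), the same probe against the patched ups-02 host is dropped by version scoping, and the benign `/static/../index.html` is not flagged because it never climbs above the root. Patterns such as `....//` that some servers collapse are not caught by the segment walk and would need an additional literal-token rule.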
No detection rules found.
No writeups or analysis indexed.