CVE-2022-44942
published 2022-12-07CVE-2022-44942: Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.
PriorityP342high8.1CVSS 3.1
AVNACLPRLUINSUCNIHAH
EPSS
0.86%
53.9th percentile
Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| casbin | casdoor | < 1.126.1 | 1.126.1 |
| github.com | casdoor_casdoor | >= 0 < 1.126.1 | 1.126.1 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
osv·2024-08-21
CVE-2022-44942 Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
GHSA
Casdoor arbitrary file deletion vulnerability via uploadFile function
ghsa·2022-12-07
CVE-2022-44942 [HIGH] CWE-22 Casdoor arbitrary file deletion vulnerability via uploadFile function
Casdoor arbitrary file deletion vulnerability via uploadFile function
Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the `uploadFile` function.
OSV
Casdoor arbitrary file deletion vulnerability via uploadFile function
osv·2022-12-07
CVE-2022-44942 [HIGH] Casdoor arbitrary file deletion vulnerability via uploadFile function
Casdoor arbitrary file deletion vulnerability via uploadFile function
Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the `uploadFile` function.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-12-07
Published