cbcvebase.
CVE-2022-47879
published 2023-05-12

CVE-2022-47879: A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn'…

PriorityP359high7.5CVSS 3.1
AVNACHPRLUINSUCHIHAH
EXPLOIT
EPSS
6.74%
93.1th percentile
A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods. NOTE: The vendor states that the vulnerability affects installations running version 22.5 or earlier. The issue was resolved with version 23.2 and later versions are not affected.

Affected

1 ranges
VendorProductVersion rangeFixed in
jedoxjedox
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.