CVE-2022-50992
published 2026-04-30
CVE-2022-50992: Weaver (Fanwei) E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that…
Priority: P183, high, 7.5 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
ITW: VulnCheck KEV
Exploited in the wild
EPSS: 0.70% (48.7th percentile)
Weaver (Fanwei) E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and WorkflowService.LoadTemplateProp methods. Attackers can exploit these methods without authentication to retrieve sensitive files including system configuration files and database credentials from the server. Exploitation evidence was first observed by the Shadowserver Foundation on 2022-12-14 (UTC).
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| weaver_network_co_ltd | e-cology | < 10.52 | 10.52 |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| nvd | v4.0 | 8.7 | HIGH | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
| vulncheck | | 8.7 | HIGH | |
VulDB
Weaver Network e-cology up to 10.51 XmlRpcServlet Interface path traversal
vuldb·2026-04-30·CVSS 8.7
CVE-2022-50992 [HIGH] Weaver Network e-cology up to 10.51 XmlRpcServlet Interface path traversal
A vulnerability was found in Weaver Network e-cology up to 10.51. It has been declared as critical. Affected by this vulnerability is the function WorkflowService.getAttachment/WorkflowService.LoadTemplateProp of the component XmlRpcServlet Interface. Such manipulation leads to path traversal.
This vulnerability is listed as CVE-2022-50992. The attack may be performed from remote. There is no available exploit.
It is recommended to upgrade the affected component.
GHSA
GHSA-vgv3-vw5h-8gfj: Weaver (Fanwei) E-cology 9
ghsa_unreviewed·2026-04-30
CVE-2022-50992 [HIGH] CWE-22 GHSA-vgv3-vw5h-8gfj: Weaver (Fanwei) E-cology 9
Weaver (Fanwei) E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and WorkflowService.LoadTemplateProp methods. Attackers can exploit these methods without authentication to retrieve sensitive files including system configuration files and database credentials from the server. Exploitation evidence was first observed by the Shadowserver Foundation on 2022-12-14 (UTC).
VulnCheck
weaver e-cology Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulncheck·2022·CVSS 8.7
CVE-2022-50992 [HIGH] weaver e-cology Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Weaver (Fanwei) E-cology 9.5 versions prior to 10.52 contain an arbitrary file read vulnerability in the XmlRpcServlet interface at the XML-RPC endpoint that allows unauthenticated remote attackers to read arbitrary files by supplying file paths to the WorkflowService.getAttachment and WorkflowService.LoadTemplateProp methods. Attackers can exploit these methods without authentication to retrieve sensitive files including system configuration files and database credentials from the server. Exploitation evidence was first observed by the Shadowserver Foundation on 2022-12-14 (UTC).
Affected: Weaver Network Co., Ltd. E-cology
Required Action: Apply remediations or mitigations per vendor instruct
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://blog.csdn.net/qq_36618918/article/details/135104295
https://blog.csdn.net/xiayu729100940/article/details/135205082
https://www.cnvd.org.cn/flaw/show/CNVD-2022-43245
https://www.vulncheck.com/advisories/weaver-e-cology-unauthenticated-arbitrary-file-read-via-xmlrpcservlet
https://www.weaver.com.cn/cs/ecology_full_log.html
https://www.weaver.com.cn/cs/securityDownload.html#