Snapt Aria vulnerabilities
3 known vulnerabilities affecting snapt/aria.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2LOW1
Vulnerabilities
Page 1 of 1
CVE-2022-24237P2HIGHCVSS 8.8v12.82022-03-21
CVE-2022-24237 [HIGH] CWE-78 CVE-2022-24237: The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulner
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands.
nvd
CVE-2022-24235P3HIGHCVSS 8.8v12.82022-03-21
CVE-2022-24235 [HIGH] CWE-352 CVE-2022-24235: A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to
A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors.
nvd
CVE-2022-24236P4LOWCVSS 3.5v12.82022-03-21
CVE-2022-24236 [LOW] CWE-732 CVE-2022-24236: An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts.
nvd