CVE-2022-34269 | RWS WorldServer up to 11.7.2 Apache Axis Service ws-legacy/load_dtd system_id server-side request forgery

Posted by Angelo Barbosa | Dec 25, 2023 | CVE

A vulnerability was found in RWS WorldServer up to 11.7.2. It has been declared as critical. This vulnerability affects unknown code of the file ws-legacy/load_dtd of the component Apache Axis Service. The manipulation of the argument system_id leads to server-side request forgery.

This vulnerability was named CVE-2022-34269. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2022-34269 | RWS WorldServer up to 11.7.2 Apache Axis Service ws-legacy/load_dtd system_id server-side request forgery

Related Posts

CVE-2024-3131 | SourceCodester Computer Laboratory Management System 1.0 Master.php id sql injection

CVE-2024-28288 | Ruijie RG-NBR700GW 10.3(4b12) Cookie Verification password recovery

CVE-2024-6402 | Tenda A301 15.13.08.12 /goform/SetOnlineDevName fromSetWirelessRepeat devName stack-based overflow

CVE-2024-27377 | Samsung Exynos 1330 slsi_nan_get_security_info_nl heap-based overflow