COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2022-36537

CVE-2022-36537

Severity
critical · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2023-02-27
Reference
https://nvd.nist.gov/vuln/detail/CVE-2022-36537
⌖ exploited in the wild shame 80/100 ransomwareexploited-in-wild

ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not l

Players implicated

ZK Framework · vendorAuUploader · product

Description

ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.