VYPR
Unrated severityNVD Advisory· Published Aug 16, 2022· Updated Sep 17, 2024

Insufficient validation of provided paths in Exago WrImageResource.axd

CVE-2022-1401

Description

Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker to read sensitive server files with root permissions. This issue affects: Device42 CMDB versions prior to 18.01.00.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.