VYPR
High severity7.5NVD Advisory· Published Feb 15, 2022· Updated Jun 17, 2026

CVE-2022-23317

CVE-2022-23317

Description

CobaltStrike <=4.5 HTTP(S) listener does not determine whether the request URL begins with "/", and attackers can obtain relevant information by specifying the URL.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.