Critical severityNVD Advisory· Published May 1, 2022· Updated Sep 16, 2024
Remote Code Execution
CVE-2022-25767
Description
All versions of package com.bstek.ureport:ureport2-console are vulnerable to Remote Code Execution by connecting to a malicious database server, causing arbitrary file read and deserialization of local gadgets.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
com.bstek.ureport:ureport2-consoleMaven | <= 2.2.9 | — |
Affected products
2- com.bstek.ureport/ureport2-consoledescription
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-w39x-chvm-pj3cghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-25767ghsaADVISORY
- github.com/JinYiTong/CVE-Req/blob/main/ureport2/ureport2-console.mdghsax_refsource_MISCWEB
- snyk.io/vuln/SNYK-JAVA-COMBSTEKUREPORT-2322018ghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.