Critical severity9.8NVD Advisory· Published Dec 25, 2023· Updated Jun 17, 2026
CVE-2022-34267
CVE-2022-34267
Description
An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- RWS/WorldServerdescription
- Range: <11.7.3
Patches
Vulnerability mechanics
References
2- www.triskelelabs.com/vulnerabilities-in-rws-worldservernvdExploitThird Party Advisory
- www.rws.com/localization/products/trados-enterprise/worldserver/nvdProduct
News mentions
0No linked articles in our index yet.