Critical severityNVD Advisory· Published Dec 5, 2022· Updated Apr 24, 2025
CVE-2022-42496
CVE-2022-42496
Description
OS command injection vulnerability in Nako3edit, editor component of nadesiko3 (PC Version) v3.3.74 and earlier allows a remote attacker to obtain appkey of the product and execute an arbitrary OS command on the product.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
nadesiko3npm | < 3.3.75 | 3.3.75 |
Affected products
1- Range: v3.3.74 and earlier
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- github.com/advisories/GHSA-7249-8x22-4rg4ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-42496ghsaADVISORY
- github.com/kujirahand/nadesiko3/issues/1325ghsaWEB
- github.com/kujirahand/nadesiko3/issues/1347ghsaWEB
- github.com/kujirahand/nadesiko3/releases/tag/3.3.75ghsaWEB
- jvn.jp/en/jp/JVN56968681/index.htmlghsaWEB
News mentions
0No linked articles in our index yet.