Vendor
Snapt
Products
2
CVEs
3
Across products
4
Status
Private
Products
2- 3 CVEs
- 1 CVE
Recent CVEs
3| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-24237 | Hig | 0.59 | 8.8 | 0.25 | Mar 21, 2022 | The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands. | ||
| CVE-2022-24235 | Hig | 0.57 | 8.8 | 0.01 | Mar 21, 2022 | A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors. | ||
| CVE-2022-24236 | Low | 0.23 | 3.5 | 0.01 | Mar 21, 2022 | An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts. |
- risk 0.59cvss 8.8epss 0.25
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection vulnerability. This vulnerability allows authenticated attackers to execute arbitrary commands.
- risk 0.57cvss 8.8epss 0.01
A Cross-Site Request Forgery (CSRF) in the management portal of Snapt Aria v12.8 allows attackers to escalate privileges and execute arbitrary code via unspecified vectors.
- risk 0.23cvss 3.5epss 0.01
An insecure permissions vulnerability in Snapt Aria v12.8 allows unauthenticated attackers to send e-mails from spoofed users' accounts.