Main Vulnerability Database Exploits ID:8164 - Exploit for Arbitrary file upload in formidable - CVE-2022-29622

ID:8164 - Exploit for Arbitrary file upload in formidable - CVE-2022-29622

Published: July 21, 2022

Vulnerability identifier: #VU65264

Vulnerability risk: High

CVE-ID: CVE-2022-29622

CWE-ID: CWE-434

Exploitation vector: Remote access

Vulnerable software:
formidable

Link to public exploit:

https://github.com/keymandll/CVE-2022-29622

Vulnerability description

The vulnerability allows a remote attacker to execute arbitrary code on the system.

The vulnerability exists due to insufficient validation of file extension when uploading files. A remote attacker can upload and execute arbitrary file on the system.

Remediation

Install update from vendor's website.

ID:8164 - Exploit for Arbitrary file upload in formidable - CVE-2022-29622

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human