ID:9173 - Exploit for Embedded malicious code (backdoor) in School Management Pro - CVE-2022-1609

CSH
CYBERSECURITY HELP
Sign In REGISTER
 
Main Vulnerability Database Exploits ID:9173 - Exploit for Embedded malicious code (backdoor) in School Management Pro - CVE-2022-1609

ID:9173 - Exploit for Embedded malicious code (backdoor) in School Management Pro - CVE-2022-1609

Published: July 5, 2023


Vulnerability identifier: #VU63550
Vulnerability risk: Critical
CVE-ID: CVE-2022-1609
CWE-ID: CWE-506
Exploitation vector: Remote access
Vulnerable software:
School Management Pro

Link to public exploit:


Vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to the application.

The vulnerability exists due to presence of embedded malicious functionality in the application code (aka backdoor) that allows a remote attacker to gain unauthorized access to the application.

Note, the vulnerability is being actively exploited in the wild.


Remediation

Install updates from vendor's website.