Main Vulnerability Database Exploits ID:9387 - Exploit for Improper access control in Open Web Analytics - CVE-2022-24637

ID:9387 - Exploit for Improper access control in Open Web Analytics - CVE-2022-24637

Published: October 22, 2023

Vulnerability identifier: #VU76160

Vulnerability risk: High

CVE-ID: CVE-2022-24637

CWE-ID: CWE-284

Exploitation vector: Remote access

Vulnerable software:
Open Web Analytics

Link to public exploit:

https://github.com/Pflegusch/CVE-2022-24637

Vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.

The vulnerability exists due to improper access restrictions. A remote attacker can bypass implemented security restrictions and obtain sensitive user information, which can be used to gain admin privileges by leveraging cache hashes.

Remediation

Install updates from vendor's website.

ID:9387 - Exploit for Improper access control in Open Web Analytics - CVE-2022-24637

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human