Vulnerabilities > CVE-2022-25511 - Unspecified vulnerability in Freetakserver-Ui Project Freetakserver-Ui 1.9.8

CVSS 6.5 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

freetakserver-ui-project

NVD

Published: 2022-03-11

Updated: 2022-03-22

Summary

An issue in the ?filename= argument of the route /DataPackageTable in FreeTAKServer-UI v1.9.8 allows attackers to place arbitrary files anywhere on the system.

Vulnerable Configurations

Part	Description	Count
Application	Freetakserver-Ui_Project Freetakserver UI Project Freetakserver UI 1.9.8	1

References

https://github.com/FreeTAKTeam/UI/issues/29