Vulnerabilities > CVE-2022-29950 - Unspecified vulnerability in Experian Hunter 1.16

CVSS 4.3 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

experian

NVD

Published: 2022-05-04

Updated: 2024-04-11

Summary

Experian Hunter 1.16 allows remote authenticated users to modify assumed-immutable elements via the (1) rule name parameter to the Rules page or the (2) subrule name or (3) categories name parameter to the Subrules page. NOTE: the vendor disputes this because version 1.16 has never existed

Vulnerable Configurations

Part	Description	Count
Application	Experian Experian Hunter 1.16	1

References

https://gist.github.com/Voidager88/73c2d512a72cceb0ef84dbf87a497d10
https://www.experian.in/hunter