Vulnerabilities > CVE-2022-42002 - Out-of-bounds Write vulnerability in Sonicjs
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
HIGH Availability impact
HIGH Summary
SonicJS through 0.6.0 allows file overwrite. It has the following mutations that are used for updating files: fileCreate and fileUpdate. Both of these mutations can be called without any authentication to overwrite any files on a SonicJS application, leading to Arbitrary File Write and Delete.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |