CVE-2022-34924

Description

Lanling OA Landray Office Automation (OA) internal patch number #133383/#137780 contains an arbitrary file read vulnerability via the component /sys/ui/extend/varkind/custom.jsp.

Related CPE's

a landray landray_office_automation -*******

References

https://developpaper.com/lanling-oa-foreground-arbitrary-file-reading-vulnerability-exploitation/

ExploitThird Party Advisory

https://codeantenna.com/a/DXQfemaZEH

ExploitThird Party Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics

Created by Yello

About Severity.io