CVE-2022-42908 - OpenCVE

WEPA Print Away is vulnerable to a stored XSS. It does not properly sanitize uploaded filenames, allowing an attacker to deceive a user into uploading a document with a malicious filename, which will be included in subsequent HTTP responses, allowing a stored XSS to occur. This attack is persistent across victim sessions.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Wepanow	Print Away

Configuration 1 [-]

cpe:2.3:a:wepanow:print_away:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://enrique.wtf/CVE-2022-42908
https://www.incibe-cert.es/en/early-warning/security-advisories/multiple-vulnerabilities-wepa-print-away

History

No history.

MITRE

Status: PUBLISHED

Assigner: INCIBE

Published: 2023-02-03T00:00:00

Updated: 2024-08-03T13:19:05.291Z

Reserved: 2022-10-13T00:00:00

Link: CVE-2022-42908

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2023-02-03T19:15:12.333

Modified: 2023-02-10T17:34:39.233

Link: CVE-2022-42908

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-42908", "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "assignerShortName": "INCIBE", "dateUpdated": "2024-08-03T13:19:05.291Z", "dateReserved": "2022-10-13T00:00:00", "datePublished": "2023-02-03T00:00:00"}, "containers": {"cna": {"datePublic": "2023-01-27T00:00:00", "providerMetadata": {"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516", "shortName": "INCIBE", "dateUpdated": "2023-02-03T00:00:00"}, "descriptions": [{"lang": "en", "value": "WEPA Print Away is vulnerable to a stored XSS. It does not properly sanitize uploaded filenames, allowing an attacker to deceive a user into uploading a document with a malicious filename, which will be included in subsequent HTTP responses, allowing a stored XSS to occur. This attack is persistent across victim sessions."}], "affected": [{"vendor": "WEPA", "product": "Wepa Print Away", "versions": [{"version": "not versioned", "status": "affected"}]}], "references": [{"url": "https://www.incibe-cert.es/en/early-warning/security-advisories/multiple-vulnerabilities-wepa-print-away"}, {"url": "https://enrique.wtf/CVE-2022-42908"}], "credits": [{"lang": "en", "value": "Enrique Benvenutto Navarro"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79"}]}], "x_generator": {"engine": "Vulnogram 0.0.9"}, "source": {"advisory": "INCIBE-2022-1037", "defect": ["INCIBE-2022-0062"], "discovery": "EXTERNAL"}, "solutions": [{"lang": "en", "value": "The vulnerability has already been fixed by the WEPA security team."}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:19:05.291Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.incibe-cert.es/en/early-warning/security-advisories/multiple-vulnerabilities-wepa-print-away", "tags": ["x_transferred"]}, {"url": "https://enrique.wtf/CVE-2022-42908", "tags": ["x_transferred"]}]}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wepanow:print_away:-:*:*:*:*:*:*:*", "matchCriteriaId": "C11DC343-6563-4E5B-8971-AC58C5B5FF62", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "WEPA Print Away is vulnerable to a stored XSS. It does not properly sanitize uploaded filenames, allowing an attacker to deceive a user into uploading a document with a malicious filename, which will be included in subsequent HTTP responses, allowing a stored XSS to occur. This attack is persistent across victim sessions."}], "id": "CVE-2022-42908", "lastModified": "2023-02-10T17:34:39.233", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 4.2, "source": "cve-coordination@incibe.es", "type": "Secondary"}]}, "published": "2023-02-03T19:15:12.333", "references": [{"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://enrique.wtf/CVE-2022-42908"}, {"source": "cve-coordination@incibe.es", "tags": ["Third Party Advisory"], "url": "https://www.incibe-cert.es/en/early-warning/security-advisories/multiple-vulnerabilities-wepa-print-away"}], "sourceIdentifier": "cve-coordination@incibe.es", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "cve-coordination@incibe.es", "type": "Secondary"}]}