logo

CVE-2022-35914 - Teclib GLPI Remote Code Execution Vulnerability

CVE-2022-35914

Teclib | GLPI

  • Date Added:
  • 2023-03-07
  • Due Date:
  • 2023-03-28
Vulnerability Name

Teclib GLPI Remote Code Execution Vulnerability

Description

Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://glpi-project.org/fr/glpi-10-0-3-disponible/, http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed.; https://nvd.nist.gov/vuln/detail/CVE-2022-35914

Free security scan for your website