CVE Vulnerabilities

CVE-2021-22646

Published: Jul 28, 2022 | Modified: Aug 04, 2022
CVSS 3.x
9.8
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution.

Affected Software

Name Vendor Start Version End Version
Twinsoft Ovarro * 12.4 (excluding)

References