CVE-2022-0072
Summary
| CVE | CVE-2022-0072 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2022-10-27 20:15:00 UTC |
| Updated | 2023-11-07 03:40:00 UTC |
| Description | Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1 |
Risk And Classification
Problem Types: CWE-22
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Litespeedtech | Openlitespeed | All | All | All | All |
| Application | Litespeedtech | Openlitespeed | 1.5.11 | All | All | All |
| Application | Litespeedtech | Openlitespeed | 1.5.12 | All | All | All |
| Application | Litespeedtech | Openlitespeed | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| openlitespeed/httpserver.cpp at v1.7.16.1 · litespeedtech/openlitespeed · GitHub | MISC | github.com | |
| openlitespeed/httpserver.cpp at v1.7.16 · litespeedtech/openlitespeed · GitHub | MISC | github.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.