CVE-2022-37027: CVE-2022-37027

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-37027

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Ahsay AhsayCBS 9.1.4.0 allows an authenticated system user to inject arbitrary Java JVM options. Administrators that can modify the Runtime Options in the web interface can inject Java Runtime Options. These take effect after a restart. For example, an attacker can enable JMX services and consequently achieve remote code execution as the system user.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Ahsay Systems Cloud Backup Suite 参数注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Ahsay Systems Cloud Backup Suite是中国香港Ahsay Systems公司的一套集中式云备份解决方案。该产品支持数据库备份和物理服务器备份等功能。 Ahsay Systems Cloud Backup Suite 9.1.4.0版本存在参数注入漏洞。经过身份验证的攻击者利用该漏洞注入任意Java JVM选项。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-37027

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-37027

Please Login to view more intelligence information

https://wiki.ahsay.com/doku.php?id=public:resources:release_notes_v9320x_refsource_MISC
https://www.ahsay.com/partners/en/home/index.jsp?pageContentKey=ahsay_assets_latest_hotfixx_refsource_CONFIRM
https://www.ahsay.com/jsp/en/downloads/ahsay-downloads_latest-software_ahsaycbs.jspx_refsource_MISC
https://www.compass-security.com/fileadmin/Research/Advisories/2022_12_CSNC-2022-009_AhsayCBS_Java_Runtime_Parameter_Injection.txtx_refsource_MISC
https://www.compass-security.com/en/research/advisoriesx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-37027

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-37027

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2022-37027

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-37027

III. Intelligence Information for CVE-2022-37027

IV. Related Vulnerabilities

V. Comments for CVE-2022-37027

Leave a comment