CVE-2022-23764

HIGH

Teruten Webcube < 1.2.0.0 - Origin Validation Error

Title source: rule

Description

The vulnerability causing from insufficient verification procedures for downloaded files during WebCube update. Remote attackers can bypass this verification logic to update both digitally signed and unauthorized files, enabling remote code execution.

References (1)

[Third Party Advisory] https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66876

Scores

CVSS v3 8.8

EPSS 0.0044

EPSS Percentile 63.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-346

Status published

Affected Products (1)

teruten/webcube < 1.2.0.0

Timeline

Published Aug 17, 2022

Tracked Since Feb 18, 2026