Description
Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory.
References (2)
Core 2
Core References
Scores
CVSS v3
8.8
EPSS
0.0119
EPSS Percentile
64.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-276
Status
published
Products (1)
apachefriends/xampp
< 8.1.4
Published
May 23, 2022
Tracked Since
Feb 18, 2026