CVE-2022-32272
CRITICALOpswat Metadefender < 5.1.2 - Improper Privilege Management
Title source: ruleDescription
OPSWAT MetaDefender Core before 5.1.2, MetaDefender ICAP before 4.12.1, and MetaDefender Email Gateway Security before 5.6.1 have incorrect access control, resulting in privilege escalation.
Exploits (1)
exploitdb
WORKING POC
by Ulascan Yildirim · pythonwebappsmultiple
https://www.exploit-db.com/exploits/51113
References (7)
Scores
CVSS v3
9.8
EPSS
0.2120
EPSS Percentile
95.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (1)
opswat/metadefender
< 5.1.2
Published
Jun 09, 2022
Tracked Since
Feb 18, 2026