CVE-2022-38130
CRITICAL EXPLOITED NUCLEIcom.keysight.tentacle.config.ResourceManager - Path Traversal
Title source: llmExploitation Summary
CVE-2022-38130 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
The com.keysight.tentacle.config.ResourceManager.smsRestoreDatabaseZip() method is used to restore the HSQLDB database used in SMS. It takes the path of the zipped database file as the single parameter. An unauthenticated, remote attacker can specify an UNC path for the database file (i.e., \\<attacker-host>\sms\<attacker-db.zip>), effectively controlling the content of the database to be restored.
Nuclei Templates (1)
KeySight RF - smsRestoreDatabaseZip UNC path to Remote Code Execution
CRITICALVERIFIEDby daffainfo,jjcho
References (1)
Core 1
Core References
Third Party Advisory x_refsource_misc
https://www.tenable.com/security/research/tra-2022-28
Scores
CVSS v3
9.8
EPSS
0.5339
EPSS Percentile
98.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
VulnCheck KEV
2023-11-18
CWE
CWE-89
Status
published
Products (1)
keysight/sensor_management_server
2.4.0
Published
Aug 10, 2022
Tracked Since
Feb 18, 2026