CVE-2022-38131

MEDIUM NUCLEI

RStudio Connect <2023.01.0 - Open Redirect

Title source: llm

Description

RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.

Nuclei Templates (1)

RStudio Connect - Open Redirect

MEDIUMVERIFIEDby xxcdd

Shodan: http.favicon.hash:217119619 || http.title:"openvpn connect"

FOFA: app="RStudio-Connect" || title="openvpn connect"

References (2)

[Exploit, Third Party Advisory] https://support.posit.co/hc/en-us/articles/10983374992023

[Exploit, Third Party Advisory] https://tenable.com/security/research/tra-2022-30

Scores

CVSS v3 6.1

EPSS 0.0238

EPSS Percentile 85.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-601

Status published

Products (1)

rstudio/connect

Published Sep 06, 2022

Tracked Since Feb 18, 2026