Exploitation Summary
CVE-2022-38131 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
RStudio Connect prior to 2023.01.0 is affected by an Open Redirect issue. The vulnerability could allow an attacker to redirect users to malicious websites.
Nuclei Templates (1)
RStudio Connect - Open Redirect
MEDIUMVERIFIEDby xxcdd
Shodan:
http.favicon.hash:217119619 || http.title:"openvpn connect"
FOFA:
app="RStudio-Connect" || title="openvpn connect"
References (2)
Core 2
Core References
Exploit, Third Party Advisory
https://support.posit.co/hc/en-us/articles/10983374992023
Exploit, Third Party Advisory
https://tenable.com/security/research/tra-2022-30
Scores
CVSS v3
6.1
EPSS
0.0129
EPSS Percentile
66.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-601
Status
published
Products (1)
rstudio/connect
Published
Sep 06, 2022
Tracked Since
Feb 18, 2026