Description
A vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x allows attackers to execute a directory traversal.
References (1)
Core 1
Core References
Third Party Advisory
https://ia-informatica.com/it/CVE-2022-46639
Scores
CVSS v3
7.5
EPSS
0.0096
EPSS Percentile
56.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-22
Status
published
Products (1)
correos/correos
1.7.0 - 1.7.8
Published
Jan 23, 2023
Tracked Since
Feb 18, 2026