Sunlogin Sunflower Command Execution

Advisories

severity: critical
date: February 13, 2023
Affecting: Sunlogin Sunflower Simple 1.0.1.43315 and below
Sunlogin Sunflower Personal 1.0.1.43315 and below
CVE: CVE-2022-48323
CVE type: Path Traversal
CVSS: 9.8
CVSS V3 Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References: Exploit
CNVD-2022-10270
VulnCheck KEV: This advisory is in the VulnCheck KEV database