CVE-2022-0815

HIGH Year: 2022
CVSS v3 Score
7.3
High
CVSS v2 Score
7.5
High
Weakness Type
CWE-668
View all →

Vulnerability Description

Improper access control vulnerability in McAfee WebAdvisor Chrome and Edge browser extensions up to 8.1.0.1895 allows a remote attacker to gain access to McAfee WebAdvisor settings and other details about the user’s system. This could lead to unexpected behaviors including; settings being changed, fingerprinting of the system leading to targeted scams, and not triggering the malicious software if McAfee software is detected.

Related Vulnerabilities

CVE-2021-41065

HIGH
CVSS:7.3(High)

An issue was discovered in Listary through 6. An attacker can create a \\.\pipe\Listary.listaryService named pipe and wait for a privileged user to open a session on the Listary installed host. Listar...

CWE-6682021

CVE-2023-3670

HIGH
CVSS:7.3(High)

In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentiall...

CWE-6682023

CVE-2017-12576

HIGH
CVSS:7.2(High)

An issue was discovered on the PLANEX CS-QR20 1.30. A hidden and undocumented management page allows an attacker to execute arbitrary code on the device when the user is authenticated. The management ...

CWE-6682017

CVE-2017-16660

HIGH
CVSS:7.2(High)

Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then making a remote_agent.php request containing PHP c...

CWE-6682017

CVE-2021-34539

HIGH
CVSS:7.2(High)

An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users...

CWE-6682021

CVE-2023-39171

HIGH
CVSS:7.2(High)

SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials.

CWE-6682023