How severe is CVE-2022-44039?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.8 out of 10.

What type of vulnerability is CVE-2022-44039?

This is classified as CWE-863, which is a common weakness in software security.

CVE-2022-44039 - CRITICAL Severity | CVSS 9.8

Vulnerability Description

Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). ¶¶ An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of "fopen" system function with the mode "wb" which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.

Related Vulnerabilities

CVE-2001-1155

CRITICAL

CVSS:9.8(Critical)

TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass i...

CWE-8632001

CVE-2008-7109

CRITICAL

CVSS:9.8(Critical)

The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does no...

CWE-8632008

CVE-2010-1435

CRITICAL

CVSS:9.8(Critical)

Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the dat...

CWE-8632010

CVE-2012-6094

CRITICAL

CVSS:9.8(Critical)

cups (Common Unix Printing System) 'Listen localhost:631' option not honored correctly which could provide unauthorized access to the system

CWE-8632012

CVE-2013-2198

CRITICAL

CVSS:9.8(Critical)

The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username.

CWE-8632013

CVE-2016-20001

CRITICAL

CVSS:9.8(Critical)

The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.

CWE-8632016