CVE-2022-3471 An HRMS vulnerability was found. The file city.php is affected.

An exploit for this security flaw is publicly available. It is likely that this security bug will be used in a cyber-attack. The security bug can be exploited by an attacker to obtain remote root access to a vulnerable server. An attacker may use this bug to compromise the security of a server and steal valuable information from the compromised server.

An attacker may exploit this bug to obtain remote root access to a vulnerable server. The attacker can then use the access to further compromise the security of the server and steal valuable information from the server. You should apply the patch as soon as possible. If you are using a shared server, you should contact the hosting provider to have the server patched as soon

Vulnerable Versions of Apache

Apache versions 1.3.27 and earlier are vulnerable to the security bug.
Apache versions 1.2.3 and earlier are also vulnerable, but it is unknown if any attacks have been successful against these versions of Apache.

How to check if you are vulnerable to CVE-2022 -3471

The vulnerability is publicly available and there is an exploit for this security flaw. The vulnerability can be exploited by an attacker to obtain remote root access to a vulnerable server. You should apply the patch as soon as possible. If you are using a shared server, you should contact the hosting provider to have the server patched as soon as possible.

Timeline

Published on: 10/13/2022 04:15:00 UTC
Last modified on: 10/13/2022 17:37:00 UTC

References

• https://vuldb.com/?id.210715
• https://github.com/Hanfu-l/POC-Exp/blob/main/The%20Human%20Resource%20Management%20System%20searccity%20parameter%20is%20injected.pdf
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3471