What is CVE-2022-24627?

CVE-2022-24627 is a vulnerability in N/a. Published 2023-05-29.

Is CVE-2022-24627 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-24627

An issue was discovered in AudioCodes Device Manager Express through 7.8.20002.47752. It is an unauthenticated SQL injection in the p parameter of the process_login.php login form.

EPSS: 0.565 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

dearestdoe/newclei
tr3ss/newclei

References

seclists.org/fulldisclosure/2023/Feb/12

Frequently asked questions

What is CVE-2022-24627?: CVE-2022-24627 is a vulnerability in N/a. Published 2023-05-29.
Is CVE-2022-24627 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.