What is CVE-2022-34267?

CVE-2022-34267 is a vulnerability in N/a. Published 2023-12-25.

Is CVE-2022-34267 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-34267

An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customiz…

EPSS: 0.788 (99.1th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

tanjiti/sec_

References

www.rws.com/localization/products/trados-enterprise/worldserver/
www.triskelelabs.com/vulnerabilities-in-rws-worldserver

Frequently asked questions

What is CVE-2022-34267?: CVE-2022-34267 is a vulnerability in N/a. Published 2023-12-25.
Is CVE-2022-34267 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.