What is CVE-2022-35583?

CVE-2022-35583 is a vulnerability in N/a. Published 2022-08-22.

Is CVE-2022-35583 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-35583

wkhtmlTOpdf 0.12.6 is vulnerable to SSRF which allows an attacker to get initial access into the target's system by injecting iframe tag with initial asset IP address on it's source. This allows the attacker to takeover the whole infrastru…

EPSS: 0.586 (98.2th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

wkhtmltopdf.org/
drive.google.com/file/d/1LAmf_6CJLk5qDp0an2s_gVQ0TN2wmht5/view
cyber-guy.gitbook.io/cyber-guys-blog/blogs/initial-access-via-pdf-file-silently
packetstormsecurity.com/files/171446/wkhtmltopdf-0.12.6-Server-Side-Request-For…

Frequently asked questions

What is CVE-2022-35583?: CVE-2022-35583 is a vulnerability in N/a. Published 2022-08-22.
Is CVE-2022-35583 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.