What is CVE-2022-38840?

CVE-2022-38840 is a vulnerability in N/a. Published 2023-04-16.

Is CVE-2022-38840 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-38840

cgi-bin/xmlstatus.cgi in Güralp MAN-EAM-0003 3.2.4 is vulnerable to an XML External Entity (XXE) issue via XML file upload, which leads to local file disclosure.

EPSS: 0.601 (98.3th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

drive.google.com/drive/folders/1UG5IcL8fFp9MV0vjd78_cx6iXKda5bpM
packetstormsecurity.com/files/171439/MAN-EAM-0003-3.2.4-XML-Injection.html

Frequently asked questions

What is CVE-2022-38840?: CVE-2022-38840 is a vulnerability in N/a. Published 2023-04-16.
Is CVE-2022-38840 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.