What is CVE-2022-40871?

CVE-2022-40871 is a vulnerability in N/a. Published 2022-10-12.

Is CVE-2022-40871 known to be exploited?

9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2022-40871

Dolibarr ERP & CRM <=15.0.3 is vulnerable to Eval injection. By default, any administrator can be added to the installation page of dolibarr, and if successfully added, malicious code can be inserted into the database and then execute it b…

EPSS: 0.516 (97.9th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

0day404/vulnerability-poc
ARPSyndicate/cvemon
J1ezds/Vulnerability-Wiki-page
KayCHENvip/vulnerability-poc
Miraitowa70/POC-Notes
Threekiii/Awesome-POC
XiaomingX/awesome-poc-for-red-team
d4n-sec/d4n-sec.github.io
intercladire/Awesome-POC

References

github.com/youncyb/dolibarr-rce

Frequently asked questions

What is CVE-2022-40871?: CVE-2022-40871 is a vulnerability in N/a. Published 2022-10-12.
Is CVE-2022-40871 known to be exploited?: 9 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.