CVE-2022-25890 HIGH

CVE-2022-25890

Vendor N/A
Product wifey
Weakness CWE-78
Published January 9, 2023
Last update April 9, 2025
View on NVD All CVEs

CVSS base score

7.4/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P

What the vulnerability does

01Description

All versions of the package wifey are vulnerable to Command Injection via the connect() function due to improper input sanitization.

Key dates

02Disclosure timeline

January 9, 2023 CVE published
April 9, 2025 Record updated