Vulnerability Details CVE-2022-39838
Systematic FIX Adapter (ALFAFX) 2.4.0.25 13/09/2017 allows remote file inclusion via a UNC share pathname, and also allows absolute path traversal to local pathnames.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 74.0%
CVSS Severity
CVSS v3 Score 8.6
References
- http://systematicalpha.com/company
- http://systematicalpha.com/trading-programs/systematic-alpha-fx-master-fund
- https://github.com/jet-pentest/CVE-2022-39838
- http://systematicalpha.com/company
- http://systematicalpha.com/trading-programs/systematic-alpha-fx-master-fund
- https://github.com/jet-pentest/CVE-2022-39838
Products affected by CVE-2022-39838
-
cpe:2.3:h:systematicalpha:systematic_fix_adapter:-
-
cpe:2.3:o:systematicalpha:systematic_fix_adapter_firmware:2.4.0.25