Vulnerability Description
SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execution and thus complete server takeover.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Rtx Project | Rtx | < 2022-04-20 |
Related Weaknesses (CWE)
References
- https://github.com/rtxteam/rtx/commit/fa2797e656e3dba18f990a2db1f0f029d41f1921PatchThird Party Advisory
- https://huntr.dev/bounties/fc4eb544-ef1e-412d-9fdb-0ceb04e038feExploitIssue TrackingPatch
- https://github.com/rtxteam/rtx/commit/fa2797e656e3dba18f990a2db1f0f029d41f1921PatchThird Party Advisory
- https://huntr.dev/bounties/fc4eb544-ef1e-412d-9fdb-0ceb04e038feExploitIssue TrackingPatch
FAQ
What is CVE-2022-1531?
CVE-2022-1531 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SQL injection vulnerability in ARAX-UI Synonym Lookup functionality in GitHub repository rtxteam/rtx prior to checkpoint_2022-04-20 . This vulnerability is critical as it can lead to remote code execu...
How severe is CVE-2022-1531?
CVE-2022-1531 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-1531?
Check the references section above for vendor advisories and patch information. Affected products include: Rtx Project Rtx.