CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

changingtec

megaservisignadapter

3 known vulnerabilities · sorted by CVSS score

CVE-2022-39060

CRITICAL9.8

ChangingTech MegaServiSignAdapter component has a vulnerability of improper input validation. An unauthenticated remote attacker can exploit this vulnerability to access and modify HKEY_CURRENT_USER subkey (ex: AutoRUN) in Registry where malicious scripts can be executed to take control of the system or to terminate the service.

changingtec / megaservisignadapter

Network

Published Jan 31, 2023

CVE-2022-39059

HIGH7.5

ChangingTech MegaServiSignAdapter component has a path traversal vulnerability within its file reading function. An unauthenticated remote attacker can exploit this vulnerability to access arbitrary system files.

changingtec / megaservisignadapter

Network

Published Jan 31, 2023

CVE-2022-39061

MEDIUM6.5

ChangingTech MegaServiSignAdapter component has a vulnerability of Out-of-bounds Read due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupts partial services.

changingtec / megaservisignadapter

Network

Published Jan 31, 2023