cyber Vulnerability

Dynamicweb

Mar 6, 2022 1 min read
Dynamicweb

The RCE vulnerability discovered in the Dynamicweb software could lead to compromise any victim’s server.

It could allow attackers to add a new administrator user and gain full access to the ecommerce installation of Dynamicweb.

The company has released a number of hotfixes for issue.

Source: https://portswigger.net/daily-swig/rce-vulnerability-in-dynamicweb-enterprise-software-could-allow-server-compromise

TPRM report: https://scoringcyber.rankiteo.com/company/dynamicweb-software

"id": "dyn14195322",
"linkid": "dynamicweb-software",
"type": "Vulnerability",
"date": "03/2022",
"severity": "80",
"impact": "5",
"explanation": "Attack threatening the organization's existence"
{'affected_entities': [{'industry': 'Ecommerce Software',
                        'name': 'Dynamicweb',
                        'type': 'Software Company'}],
 'attack_vector': 'Software Vulnerability',
 'description': 'A Remote Code Execution (RCE) vulnerability in the Dynamicweb '
                'software could allow attackers to add a new administrator '
                'user and gain full access to the ecommerce installation.',
 'impact': {'systems_affected': 'Ecommerce installation'},
 'motivation': 'Unauthorized Access',
 'response': {'remediation_measures': ['Hotfixes released']},
 'title': 'RCE Vulnerability in Dynamicweb Software',
 'type': 'Remote Code Execution (RCE)',
 'vulnerability_exploited': 'RCE vulnerability in Dynamicweb software'}
Published by
Harshit Kaur Bhatia
Harshit Kaur Bhatia
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.