CVE-2022-32175

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-32175

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2022-32175.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2022-32175

Aliases

GHSA-mwwc-3jv2-62j3

Withdrawn

2024-05-08T06:52:28.425692Z

Published

2022-10-11T15:15:09Z

Modified

2023-11-28T23:27:24.880046Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L CVSS Calculator

Summary

[none]

Details

In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rules.

References

Affected packages

Git / github.com/AdguardTeam/AdGuardHome

Affected ranges

Type: GIT
Repo: https://github.com/AdguardTeam/AdGuardHome
Events: Introduced

7d2df263359c95d8e31e0319d0d15c93e4ceb886

Affected versions

v0.*

v0.100.0

v0.100.1

v0.100.2

v0.100.3

v0.100.4

v0.100.5

v0.100.6

v0.100.7

v0.100.8

v0.100.9

v0.101.0

v0.102.0

v0.103.0

v0.103.0-beta1

v0.103.0-beta2

v0.103.0-beta3

v0.103.1

v0.103.2

v0.103.3

v0.104.0

v0.104.0-beta1

v0.104.0-beta2

v0.104.0-beta3

v0.104.1

v0.104.2

v0.104.3

v0.105.0

v0.105.0-beta.1

v0.105.0-beta.2

v0.105.0-beta.3

v0.105.0-beta.4

v0.105.0-beta.5

v0.105.1

v0.105.1-beta.1

v0.105.2

v0.105.2-beta.1

v0.106.0

v0.106.0-b.1

v0.106.0-b.2

v0.106.0-b.3

v0.106.0-b.4

v0.106.0-b.5

v0.106.1

v0.106.1-b.1

v0.106.2

v0.106.2-b.1

v0.106.3

v0.106.3-b.1

v0.107.0

v0.107.0-b.1

v0.107.0-b.10

v0.107.0-b.11

v0.107.0-b.12

v0.107.0-b.13

v0.107.0-b.14

v0.107.0-b.15

v0.107.0-b.16

v0.107.0-b.17

v0.107.0-b.2

v0.107.0-b.3

v0.107.0-b.4

v0.107.0-b.5

v0.107.0-b.6

v0.107.0-b.7

v0.107.0-b.8

v0.107.0-b.9

v0.107.1

v0.107.10

v0.107.11

v0.107.12

v0.107.13

v0.107.14

v0.107.15

v0.107.16

v0.107.17

v0.107.18

v0.107.19

v0.107.2

v0.107.20

v0.107.21

v0.107.22

v0.107.23

v0.107.24

v0.107.25

v0.107.26

v0.107.27

v0.107.28

v0.107.29

v0.107.3

v0.107.30

v0.107.31

v0.107.32

v0.107.33

v0.107.34

v0.107.35

v0.107.36

v0.107.37

v0.107.38

v0.107.39

v0.107.4

v0.107.40

v0.107.41

v0.107.5

v0.107.6

v0.107.7

v0.107.8

v0.107.9

v0.108.0-b.1

v0.108.0-b.10

v0.108.0-b.11

v0.108.0-b.12

v0.108.0-b.13

v0.108.0-b.14

v0.108.0-b.15

v0.108.0-b.16

v0.108.0-b.17

v0.108.0-b.18

v0.108.0-b.19

v0.108.0-b.2

v0.108.0-b.20

v0.108.0-b.21

v0.108.0-b.22

v0.108.0-b.23

v0.108.0-b.24

v0.108.0-b.25

v0.108.0-b.26

v0.108.0-b.27

v0.108.0-b.28

v0.108.0-b.29

v0.108.0-b.3

v0.108.0-b.30

v0.108.0-b.31

v0.108.0-b.32

v0.108.0-b.33

v0.108.0-b.34

v0.108.0-b.35

v0.108.0-b.36

v0.108.0-b.37

v0.108.0-b.38

v0.108.0-b.39

v0.108.0-b.4

v0.108.0-b.40

v0.108.0-b.41

v0.108.0-b.42

v0.108.0-b.43

v0.108.0-b.44

v0.108.0-b.45

v0.108.0-b.46

v0.108.0-b.47

v0.108.0-b.48

v0.108.0-b.49

v0.108.0-b.5

v0.108.0-b.50

v0.108.0-b.6

v0.108.0-b.7

v0.108.0-b.8

v0.108.0-b.9

v0.95-hotfix

v0.96

v0.96-hotfix

v0.97.0

v0.97.1

v0.98.0

v0.98.1

v0.99.0

v0.99.1

v0.99.2

v0.99.3