ID
VAR-202207-1519
CVE
CVE-2022-24659
TITLE
goldshell of goldshell miner Path traversal vulnerability in firmware
Trust: 0.8
sources:
JVNDB: JVNDB-2022-013589
DESCRIPTION
Goldshell ASIC Miners v2.2.1 and below was discovered to contain a path traversal vulnerability which allows unauthenticated attackers to retrieve arbitrary files from the device. goldshell of goldshell miner A path traversal vulnerability exists in firmware.Information may be obtained
Trust: 1.8
sources:
NVD: CVE-2022-24659 //
JVNDB: JVNDB-2022-013589 //
VULHUB: VHN-414393 //
VULMON: CVE-2022-24659
AFFECTED PRODUCTS
| vendor: | goldshell | model: | miner | scope: | lte | version: | 2.2.1 | Trust: 1.0 |
| vendor: | goldshell | model: | miner | scope: | - | version: | - | Trust: 0.8 |
| vendor: | goldshell | model: | miner | scope: | eq | version: | - | Trust: 0.8 |
| vendor: | goldshell | model: | miner | scope: | lte | version: | goldshell miner firmware 2.2.1 and earlier | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-013589 //
NVD: CVE-2022-24659
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-013589 //
CNNVD: CNNVD-202207-2002 //
NVD: CVE-2022-24659
PROBLEMTYPE DATA
| problemtype: | CWE-22 | Trust: 1.1 |
| problemtype: | Path traversal (CWE-22) [NVD evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-414393 //
JVNDB: JVNDB-2022-013589 //
NVD: CVE-2022-24659
THREAT TYPE
remote
Trust: 0.6
sources:
CNNVD: CNNVD-202207-2002
TYPE
path traversal
Trust: 0.6
sources:
CNNVD: CNNVD-202207-2002
PATCH
| title: | Goldshell ASIC Miners Repair measures for path traversal vulnerabilities | url: | http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=201696 | Trust: 0.6 |
sources:
CNNVD: CNNVD-202207-2002
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-24659 | Trust: 3.4 |
| db: | JVNDB | id: | JVNDB-2022-013589 | Trust: 0.8 |
| db: | CNNVD | id: | CNNVD-202207-2002 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-414393 | Trust: 0.1 |
| db: | VULMON | id: | CVE-2022-24659 | Trust: 0.1 |
sources:
VULHUB: VHN-414393 //
VULMON: CVE-2022-24659 //
JVNDB: JVNDB-2022-013589 //
CNNVD: CNNVD-202207-2002 //
NVD: CVE-2022-24659
REFERENCES
| url: | https://github.com/goldshellminer/firmware | Trust: 2.6 |
| url: | https://jamesachambers.com/cryptocurrency-asic-miners-security-and-hacking-audit/ | Trust: 2.6 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-24659 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-24659/ | Trust: 0.6 |
| url: | https://nvd.nist.gov | Trust: 0.1 |
sources:
VULHUB: VHN-414393 //
VULMON: CVE-2022-24659 //
JVNDB: JVNDB-2022-013589 //
CNNVD: CNNVD-202207-2002 //
NVD: CVE-2022-24659
SOURCES
| db: | VULHUB | id: | VHN-414393 |
| db: | VULMON | id: | CVE-2022-24659 |
| db: | JVNDB | id: | JVNDB-2022-013589 |
| db: | CNNVD | id: | CNNVD-202207-2002 |
| db: | NVD | id: | CVE-2022-24659 |
LAST UPDATE DATE
2024-08-14T13:22:00.115000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-414393 | date: | 2022-07-27T00:00:00 |
| db: | VULMON | id: | CVE-2022-24659 | date: | 2022-07-20T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-013589 | date: | 2023-09-08T08:29:00 |
| db: | CNNVD | id: | CNNVD-202207-2002 | date: | 2022-07-28T00:00:00 |
| db: | NVD | id: | CVE-2022-24659 | date: | 2022-07-27T22:04:06.657 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-414393 | date: | 2022-07-20T00:00:00 |
| db: | VULMON | id: | CVE-2022-24659 | date: | 2022-07-20T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-013589 | date: | 2023-09-08T00:00:00 |
| db: | CNNVD | id: | CNNVD-202207-2002 | date: | 2022-07-20T00:00:00 |
| db: | NVD | id: | CVE-2022-24659 | date: | 2022-07-20T13:15:08.340 |