CVE-2022-37109

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-37109

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-37109.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-37109

Published

2022-11-14T21:15:13.920Z

Modified

2026-03-15T22:45:26.050246Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in the root directory served by StaticFileHandler and the Tornado rule to throw a 403 error when password.txt is accessed can be bypassed. Furthermore, it is not necessary to crack the password hash to authenticate with the application because the password hash is also used as the cookie secret, so an attacker can generate his own authentication cookie.

References

Affected packages

Git / github.com/patrickfuller/camp

Affected ranges

Type: GIT
Repo: https://github.com/patrickfuller/camp
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

bf6af5c2e5cf713e4050c11c52dd4c55e89880b1

Type: GIT
Repo: https://github.com/patrickfuller/camp
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

bf6af5c2e5cf713e4050c11c52dd4c55e89880b1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-37109.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "fixed": "2022-07-21"
            }
        ]
    }
]