← Back

CVE-2022-32175

nvd nist
Published: Oct 11, 2022Modified: May 20, 2025

JSON object

Loading...
5.4
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
Exploitability: 2.8 / Impact: 2.5
Source: NVD

Description

In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to Cross-Site Request Forgery (CSRF), in the custom filtering rules functionality. An attacker can persuade an authorized user to follow a malicious link, resulting in deleting/modifying the custom filtering rules.

Affected (14)

Products: Adguard: Adguardhome
Adguard
1 product
Adguardhome
Configuration A
14 vulnerable
Vulnerable SoftwareAffected Versions
Adguard
Adguardhome
From 0.95 to 0.108
Adguardhome
Version 0.108
Adguardhome
Version 0.108 beta10
Adguardhome
Version 0.108 beta11
Adguardhome
Version 0.108 beta12
Adguardhome
Version 0.108 beta1
Adguardhome
Version 0.108 beta2
Adguardhome
Version 0.108 beta3
Adguardhome
Version 0.108 beta4
Adguardhome
Version 0.108 beta5
Adguardhome
Version 0.108 beta6
Adguardhome
Version 0.108 beta7
Adguardhome
Version 0.108 beta8
Adguardhome
Version 0.108 beta9

Related CWEs

CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (4)

Source: vulnerabilitylab@mend.io
ExploitThird Party Advisory
Source: vulnerabilitylab@mend.io
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory

Timeline

No history available yet.