CVE-2022-45290: n/a in n/a
Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /web/IndexController.java.
AI Analysis
Technical Summary
CVE-2022-45290 is a critical arbitrary file deletion vulnerability identified in Kbase Doc version 1.0, specifically within the /web/IndexController.java component. This vulnerability is categorized under CWE-22, which relates to improper limitation of a pathname to a restricted directory ('Path Traversal'). The flaw allows an unauthenticated attacker to delete arbitrary files on the affected system by manipulating file path inputs processed by the vulnerable controller. The CVSS v3.1 base score of 9.1 indicates a critical severity level, with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The scope is unchanged (S:U), and the impact is high on integrity (I:H) and availability (A:H), but no confidentiality impact (C:N). This means an attacker can remotely and easily exploit the vulnerability to delete files, potentially disrupting system operations or deleting critical data, without needing any authentication or user interaction. No patches or vendor advisories are currently available, and no known exploits have been reported in the wild. The vulnerability was reserved by MITRE on November 14, 2022, and published on December 9, 2022. The lack of vendor or product information limits precise identification of affected environments, but the presence of a web controller component suggests a web application context, likely deployed in enterprise or organizational settings where Kbase Doc v1.0 is used for knowledge base management or documentation purposes.
Potential Impact
For European organizations, the arbitrary file deletion vulnerability poses significant risks to operational continuity and data integrity. Successful exploitation can lead to deletion of critical configuration files, application data, or system files, resulting in service outages, data loss, or corruption. This can disrupt business processes, especially for organizations relying on Kbase Doc for internal knowledge management or customer support documentation. The lack of authentication and user interaction requirements increases the threat surface, allowing remote attackers to cause damage without insider access or social engineering. Sectors with high dependency on web-based documentation platforms, such as government agencies, financial institutions, healthcare providers, and large enterprises, may face heightened risks. Additionally, the potential for availability impact could be leveraged in targeted attacks aiming to disrupt services or cause reputational damage. Although no known exploits are reported, the critical severity and ease of exploitation necessitate urgent attention to prevent potential future attacks.
Mitigation Recommendations
Given the absence of official patches or vendor advisories, European organizations should implement the following specific mitigations: 1) Conduct immediate code review and audit of the /web/IndexController.java component to identify and remediate path traversal vulnerabilities by enforcing strict input validation and sanitization on all file path parameters. 2) Implement web application firewall (WAF) rules to detect and block suspicious path traversal patterns or file deletion attempts targeting the vulnerable endpoint. 3) Restrict file system permissions for the application process to the minimum necessary, preventing deletion of critical system or application files even if exploited. 4) Employ network segmentation and access controls to limit exposure of the vulnerable application to untrusted networks. 5) Monitor application and system logs for unusual file deletion activities or access patterns indicative of exploitation attempts. 6) Prepare incident response plans to quickly restore deleted files from backups and mitigate service disruptions. 7) Engage with the vendor or community to obtain or develop patches and update affected systems promptly once available.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Belgium
CVE-2022-45290: n/a in n/a
Description
Kbase Doc v1.0 was discovered to contain an arbitrary file deletion vulnerability via the component /web/IndexController.java.
AI-Powered Analysis
Technical Analysis
CVE-2022-45290 is a critical arbitrary file deletion vulnerability identified in Kbase Doc version 1.0, specifically within the /web/IndexController.java component. This vulnerability is categorized under CWE-22, which relates to improper limitation of a pathname to a restricted directory ('Path Traversal'). The flaw allows an unauthenticated attacker to delete arbitrary files on the affected system by manipulating file path inputs processed by the vulnerable controller. The CVSS v3.1 base score of 9.1 indicates a critical severity level, with an attack vector of network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction needed (UI:N). The scope is unchanged (S:U), and the impact is high on integrity (I:H) and availability (A:H), but no confidentiality impact (C:N). This means an attacker can remotely and easily exploit the vulnerability to delete files, potentially disrupting system operations or deleting critical data, without needing any authentication or user interaction. No patches or vendor advisories are currently available, and no known exploits have been reported in the wild. The vulnerability was reserved by MITRE on November 14, 2022, and published on December 9, 2022. The lack of vendor or product information limits precise identification of affected environments, but the presence of a web controller component suggests a web application context, likely deployed in enterprise or organizational settings where Kbase Doc v1.0 is used for knowledge base management or documentation purposes.
Potential Impact
For European organizations, the arbitrary file deletion vulnerability poses significant risks to operational continuity and data integrity. Successful exploitation can lead to deletion of critical configuration files, application data, or system files, resulting in service outages, data loss, or corruption. This can disrupt business processes, especially for organizations relying on Kbase Doc for internal knowledge management or customer support documentation. The lack of authentication and user interaction requirements increases the threat surface, allowing remote attackers to cause damage without insider access or social engineering. Sectors with high dependency on web-based documentation platforms, such as government agencies, financial institutions, healthcare providers, and large enterprises, may face heightened risks. Additionally, the potential for availability impact could be leveraged in targeted attacks aiming to disrupt services or cause reputational damage. Although no known exploits are reported, the critical severity and ease of exploitation necessitate urgent attention to prevent potential future attacks.
Mitigation Recommendations
Given the absence of official patches or vendor advisories, European organizations should implement the following specific mitigations: 1) Conduct immediate code review and audit of the /web/IndexController.java component to identify and remediate path traversal vulnerabilities by enforcing strict input validation and sanitization on all file path parameters. 2) Implement web application firewall (WAF) rules to detect and block suspicious path traversal patterns or file deletion attempts targeting the vulnerable endpoint. 3) Restrict file system permissions for the application process to the minimum necessary, preventing deletion of critical system or application files even if exploited. 4) Employ network segmentation and access controls to limit exposure of the vulnerable application to untrusted networks. 5) Monitor application and system logs for unusual file deletion activities or access patterns indicative of exploitation attempts. 6) Prepare incident response plans to quickly restore deleted files from backups and mitigate service disruptions. 7) Engage with the vendor or community to obtain or develop patches and update affected systems promptly once available.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- mitre
- Date Reserved
- 2022-11-14T00:00:00.000Z
- Cisa Enriched
- true
Threat ID: 682d9847c4522896dcbf5b05
Added to database: 5/21/2025, 9:09:27 AM
Last enriched: 6/21/2025, 6:08:24 PM
Last updated: 8/4/2025, 12:34:28 AM
Views: 13
Related Threats
CVE-2025-8950: SQL Injection in Campcodes Online Recruitment Management System
MediumCVE-2025-27388: CWE-20 Improper Input Validation in OPPO OPPO HEALTH APP
HighCVE-2025-8949: Stack-based Buffer Overflow in D-Link DIR-825
HighCVE-2025-8948: SQL Injection in projectworlds Visitor Management System
MediumCVE-2025-8947: SQL Injection in projectworlds Visitor Management System
MediumActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
External Links
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.