CVE-2022-24573

EPSS 0.39% · P60 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-24573

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A stored cross-site scripting (XSS) vulnerability in the admin interface in Element-IT HTTP Commander 7.0.0 allows unauthenticated users to get admin access by injecting a malicious script in the User-Agent field.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Element-IT HTTP Commander 跨站脚本漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Element-IT HTTP Commander是德国Element-IT公司的托管在服务器上的基于 Web 的文件管理解决方案。它提供了处理文件的基本功能（创建、复制、删除等）和许多其他附加功能，例如与云服务的集成、直接在浏览器中在线编辑 Office 文档、标签、评论等。 Element-IT HTTP Commander 7.0.0版本存在安全漏洞，攻击者可利用该漏洞通过在用户代理字段中注入恶意脚本来获得管理访问权限。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-24573

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-24573

请登录查看更多情报信息。

http://element-it.comx_refsource_MISC
https://nvd.nist.gov/vuln/detail/CVE-2022-24573

Same Patch Batch · n/a · 2022-03-03 · 37 CVEs total

CVE-2021-45819	6.4 MEDIUM	Wordline HIDCCEMonitorSVC 代码问题漏洞
CVE-2021-3609		Linux kernel 竞争条件问题漏洞
CVE-2022-26127		FRRouting FRR 缓冲区错误漏洞
CVE-2022-26128		FRRouting FRR 缓冲区错误漏洞
CVE-2022-26129		FRRouting FRR 缓冲区错误漏洞
CVE-2022-23898		MingSoft Mcms SQL注入漏洞
CVE-2022-23899		MingSoft Mcms SQL注入漏洞
CVE-2022-25125		MingSoft Mcms SQL注入漏洞
CVE-2022-22700		CyberArk Identity 安全特征问题漏洞
CVE-2021-3620		Red Hat Ansible 安全漏洞
CVE-2022-25138		Axelor Open Suite 跨站脚本漏洞
CVE-2021-3602		Buildah 信息泄露漏洞
CVE-2021-3762		Clair 路径遍历漏洞
CVE-2021-4002		Linux kernel 安全漏洞
CVE-2022-23051		PeTeReport 跨站脚本漏洞
CVE-2022-23052		PeTeReport 跨站请求伪造漏洞
CVE-2022-25220		PeTeReport 跨站脚本漏洞
CVE-2022-22943		VMware Tools for Windows 代码问题漏洞
CVE-2021-3640		Linux kernel 资源管理错误漏洞
CVE-2022-23849		Devolutions Password Hub 授权问题漏洞

Showing top 20 of 37 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-24573

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-24573

I. Basic Information for CVE-2022-24573

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-24573

III. Intelligence Information for CVE-2022-24573

Same Patch Batch · n/a · 2022-03-03 · 37 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-24573

Leave a comment