CVE-2022-28109

EPSS 0.35% · P58 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-28109

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Selenium Selenium Grid (formerly Selenium Standalone Server) Fixed in 4.0.0-alpha-7 is affected by: DNS rebinding. The impact is: execute arbitrary code (remote). The component is: WebDriver endpoint of Selenium Grid / Selenium Standalone Server. The attack vector is: Triggered by browsing to to a malicious remote web server. The WebDriver endpoint of Selenium Server (Grid) is vulnerable to DNS rebinding. This can be used to execute arbitrary code on the machine.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Selenium Grid 跨站请求伪造漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Selenium Grid是Selenium社区的一个智能代理服务器。可以轻松地在多台机器上并行运行测试。 Selenium Grid 存在安全漏洞，该漏洞源于组件Selenium Grid/Selenium Standalone Server DNS重新绑定存在问题。攻击者可以通过恶意远程Web服务器利用该漏洞实现任意代码执行。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-28109

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-28109

请登录查看更多情报信息。

https://www.openwall.com/lists/oss-security/2022/02/07/3x_refsource_MISC
https://www.gabriel.urdhr.fr/2022/02/07/selenium-standalone-server-csrf-dns-rebinding-rce/x_refsource_MISC
http://www.openwall.com/lists/oss-security/2022/04/16/1mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2022-28109

Same Patch Batch · n/a · 2022-04-15 · 67 CVEs total

CVE-2022-24279	7.5 HIGH	Prototype Pollution
CVE-2022-29287	4.9 MEDIUM	Kentico 安全漏洞
CVE-2022-27425		Chamilo LMS 跨站脚本漏洞
CVE-2021-44494		YottaDB 代码问题漏洞
CVE-2022-27423		Chamilo LMS SQL注入漏洞
CVE-2021-44508		FIS GT.M 代码问题漏洞
CVE-2021-44506		FIS GT.M 代码问题漏洞
CVE-2022-27257		Hubzilla 安全漏洞
CVE-2021-44505		FIS GT.M 代码问题漏洞
CVE-2021-44504		FIS GT.M 安全漏洞
CVE-2021-44503		FIS GT.M 缓冲区错误漏洞
CVE-2021-44502		FIS GT.M 安全漏洞
CVE-2021-44501		FIS GT.M 代码问题漏洞
CVE-2021-44500		FIS GT.M数字错误漏洞
CVE-2021-44499		FIS GT.M 缓冲区错误漏洞
CVE-2021-44498		FIS GT.M 代码问题漏洞
CVE-2021-44497		FIS GT.M 资源管理错误漏洞
CVE-2021-44496		YottaDB缓冲区错误漏洞
CVE-2021-44495		YottaDB 代码问题漏洞
CVE-2021-44493		YottaDB 安全漏洞

Showing top 20 of 67 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-28109

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-28109

I. Basic Information for CVE-2022-28109

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-28109

III. Intelligence Information for CVE-2022-28109

Same Patch Batch · n/a · 2022-04-15 · 67 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-28109

Leave a comment