cvedb.io
CVE-2022-30470
CRITICAL · CVSS 9.8
EPSS exploitation probability: 0%
Published 2022-06-02T14:15:52.973 · Last modified 2026-06-17T04:43:42.020

Summary

In Afian Filerun 20220202 Changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.

Affected products

afian — filerun

Does this affect you?

Add your gear to cvedb and we'll alert you only when afian ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.