cvedb.io
CVE-2022-45184
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2022-11-14T08:15:09.587 · Last modified 2026-06-17T05:09:35.077

Summary

The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafted HTTP request to particular endpoints in the web server. Patched Versions are 3.5.3 and 3.4.7.

Affected products

ironmansoftware — powershell_universal

Does this affect you?

Add your gear to cvedb and we'll alert you only when ironmansoftware ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.