← back
CVE-2022-28339

CVE-2022-28339

CVSS 7.3 HIGHEPSS 0.3%CWE-427
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.3EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
22 Feb 2025Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Trend Micro HouseCall for Home Networks version 5.3.1302 and below contains an uncontrolled search patch element vulnerability that could allow an attacker with low user privileges to create a malicious DLL that could lead to escalated privileges.
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Affected products
Trend Micro, Inc. · Trend Micro HouseCall for Home Networks

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://helpcenter.trendmicro.com/en-us/article/tmka-21734https://www.zerodayinitiative.com/advisories/ZDI-22-620/