Approved changes feed: RSS · Atom

cpe:2.3:a:changingtec:servisign:-:*:*:*:*:*:*:*

part: a version: - update: *

VendorChangingtec (18f21f46-eb93-56c8-9223-cca8102f6551)
ProductServisign (5cd77de5-d364-5c50-b000-796de9e38467)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-46306 vulnerable 2026-06-08 05:50:38.594800 ChangingTec ServiSign - Path Traversal
HIGH (8.8)
ChangingTec ServiSign component has a path traversal vulnerability due to insufficient filtering for special characters in the DLL file path. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers the component to load malicious DLL files under arbitrary file path and allows the attacker to perform arbitrary system operation and disrupt of service.
Published: 2023-01-03T00:00:00.000Z
Updated: 2025-04-10T16:29:15.283Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-46305 vulnerable 2026-06-08 05:50:38.594355 ChangingTec ServiSign - Path Traversal
MEDIUM (6.5)
ChangingTec ServiSign component has a path traversal vulnerability. An unauthenticated LAN attacker can exploit this vulnerability to bypass authentication and access arbitrary system files.
Published: 2023-01-03T00:00:00.000Z
Updated: 2025-04-10T16:29:34.892Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-46304 vulnerable 2026-06-08 05:50:38.593811 ChangingTec ServiSign - Command Injection
HIGH (8.8)
ChangingTec ServiSign component has insufficient filtering for special characters in the connection response parameter. An unauthenticated remote attacker can host a malicious website for the component user to access, which triggers command injection and allows the attacker to execute arbitrary system command to perform arbitrary system operation or disrupt service.
Published: 2023-01-03T00:00:00.000Z
Updated: 2025-04-10T17:46:14.271Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.