CVE-2022-0828 - Vulnerability Details

Vendors	Products
W3eden	Download Manager

Link	Providers
https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb

Type	Values Removed	Values Added
First Time appeared		W3eden W3eden download Manager
CPEs	cpe:2.3:a:wpdownloadmanager:wordpress_download_manager::::::wordpress::*	cpe:2.3:a:w3eden:download_manager::::::wordpress::*
Vendors & Products	Wpdownloadmanager Wpdownloadmanager wordpress Download Manager	W3eden W3eden download Manager

Show plain JSON

{"containers": {"cna": {"providerMetadata": {"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan", "dateUpdated": "2023-07-25T07:16:59.256Z"}, "title": "Download Manager < 3.2.39 - Unauthenticated brute force of files master key", "problemTypes": [{"descriptions": [{"description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)", "lang": "en", "type": "CWE"}]}], "affected": [{"vendor": "Unknown", "product": "Download Manager", "versions": [{"status": "affected", "versionType": "custom", "version": "0", "lessThan": "3.2.34"}], "defaultStatus": "unaffected", "collectionURL": "https://wordpress.org/plugins"}], "descriptions": [{"lang": "en", "value": "The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download."}], "references": [{"url": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb", "tags": ["exploit", "vdb-entry", "technical-description"]}], "credits": [{"lang": "en", "value": "Diogo Real", "type": "finder"}, {"lang": "en", "value": "WPScan", "type": "coordinator"}], "source": {"discovery": "EXTERNAL"}, "x_generator": {"engine": "WPScan CVE Generator"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:40:04.424Z"}, "title": "CVE Program Container", "references": [{"url": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb", "tags": ["exploit", "vdb-entry", "technical-description", "x_transferred"]}]}]}, "cveMetadata": {"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2022-0828", "datePublished": "2022-04-11T14:40:50", "dateReserved": "2022-03-02T00:00:00", "dateUpdated": "2024-08-02T23:40:04.424Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

providerMetadata : { »

orgId : 1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81 (string)

shortName : WPScan (string)

dateUpdated : 2023-07-25T07:16:59.256Z (string)

}

title : Download Manager < 3.2.39 - Unauthenticated brute force of files master key (string)

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) (string)

lang : en (string)

type : CWE (string)

}

]

}

]

affected : [ »

0 : { »

vendor : Unknown (string)

product : Download Manager (string)

versions : [ »

0 : { »

status : affected (string)

versionType : custom (string)

version : 0 (string)

lessThan : 3.2.34 (string)

}

]

defaultStatus : unaffected (string)

collectionURL : https://wordpress.org/plugins (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download. (string)

}

]

references : [ »

0 : { »

url : https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb (string)

tags : [ »

0 : exploit (string)

1 : vdb-entry (string)

2 : technical-description (string)

]

}

]

credits : [ »

0 : { »

lang : en (string)

value : Diogo Real (string)

type : finder (string)

}

1 : { »

lang : en (string)

value : WPScan (string)

type : coordinator (string)

}

]

source : { »

discovery : EXTERNAL (string)

}

x_generator : { »

engine : WPScan CVE Generator (string)

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T23:40:04.424Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb (string)

tags : [ »

0 : exploit (string)

1 : vdb-entry (string)

2 : technical-description (string)

3 : x_transferred (string)

]

}

]

}

]

}

cveMetadata : { »

assignerOrgId : 1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81 (string)

assignerShortName : WPScan (string)

cveId : CVE-2022-0828 (string)

datePublished : 2022-04-11T14:40:50 (string)

dateReserved : 2022-03-02T00:00:00 (string)

dateUpdated : 2024-08-02T23:40:04.424Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:w3eden:download_manager:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "4814C371-F29B-4D55-BDD7-8ACEF3C94849", "versionEndExcluding": "3.2.34", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download."}, {"lang": "es", "value": "El plugin Download Manager de WordPress versiones anteriores a 3.2.39, usa la funci\u00f3n php uniqid para generar la clave maestra para una descarga, permitiendo a un atacante forzar la clave con recursos razonables dando acceso directo a la descarga independientemente de las restricciones basadas en el rol o las protecciones de contrase\u00f1a establecidas para la descarga"}], "id": "CVE-2022-0828", "lastModified": "2025-03-21T16:07:09.227", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-04-11T15:15:08.480", "references": [{"source": "contact@wpscan.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb"}], "sourceIdentifier": "contact@wpscan.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-338"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:a:w3eden:download_manager:*:*:*:*:*:wordpress:*:* (string)

matchCriteriaId : 4814C371-F29B-4D55-BDD7-8ACEF3C94849 (string)

versionEndExcluding : 3.2.34 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

}

]

cveTags : [ *empty* ]

descriptions : [ »

0 : { »

lang : en (string)

value : The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the download. (string)

}

1 : { »

lang : es (string)

value : El plugin Download Manager de WordPress versiones anteriores a 3.2.39, usa la función php uniqid para generar la clave maestra para una descarga, permitiendo a un atacante forzar la clave con recursos razonables dando acceso directo a la descarga independientemente de las restricciones basadas en el rol o las protecciones de contraseña establecidas para la descarga (string)

}

]

id : CVE-2022-0828 (string)

lastModified : 2025-03-21T16:07:09.227 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : false (boolean)

baseSeverity : MEDIUM (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : NETWORK (string)

authentication : NONE (string)

availabilityImpact : NONE (string)

baseScore : 5 (number)

confidentialityImpact : PARTIAL (string)

integrityImpact : NONE (string)

vectorString : AV:N/AC:L/Au:N/C:P/I:N/A:N (string)

version : 2.0 (string)

}

exploitabilityScore : 10 (number)

impactScore : 2.9 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : NETWORK (string)

availabilityImpact : NONE (string)

baseScore : 7.5 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : NONE (string)

privilegesRequired : NONE (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N (string)

version : 3.1 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 3.6 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2022-04-11T15:15:08.480 (string)

references : [ »

0 : { »

source : contact@wpscan.com (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Exploit (string)

1 : Third Party Advisory (string)

]

url : https://wpscan.com/vulnerability/7f0742ad-6fd7-4258-9e44-d42e138789bb (string)

}

]

sourceIdentifier : contact@wpscan.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-338 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object