{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T13:02:39.284","vulnerabilities":[{"cve":{"id":"CVE-2022-0072","sourceIdentifier":"psirt@paloaltonetworks.com","published":"2022-10-27T20:15:12.417","lastModified":"2026-06-17T04:19:56.143","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Directory Traversal vulnerability in LiteSpeed Technologies OpenLiteSpeed Web Server and LiteSpeed Web Server dashboards allows Path Traversal. This affects versions from 1.5.11 through 1.5.12, from 1.6.5 through 1.6.20.1, from 1.7.0 before 1.7.16.1"},{"lang":"es","value":"Vulnerabilidad de Directory Traversal en LiteSeep Technologies OpenLiteSpeed ??Web Server y LiteSpeed ??Web Server permite Path Traversal. Esto afecta a las versiones desde la 1.5.11 hasta la 1.5.12, desde la 1.6.5 hasta la 1.6.20.1, desde la 1.7.0 anterior a la 1.7.16.1."}],"affected":[{"source":"psirt@paloaltonetworks.com","affectedData":[{"vendor":"LiteSpeed Technologies","product":"OpenLiteSpeed Web Server","defaultStatus":"unaffected","repo":"https://github.com/litespeedtech/openlitespeed","versions":[{"version":"1.5.11","lessThanOrEqual":"1.5.12","versionType":"custom","status":"affected"},{"version":"1.6.5","lessThanOrEqual":"1.6.20.1","versionType":"custom","status":"affected"},{"version":"1.7.0","lessThan":"1.7.16.1","versionType":"custom","status":"affected"}]},{"vendor":"LiteSpeed Technologies","product":"LiteSpeed Web Server","defaultStatus":"unaffected","versions":[{"version":"1.5.11","lessThanOrEqual":"1.5.12","versionType":"custom","status":"affected"},{"version":"1.6.5","lessThanOrEqual":"1.6.20.1","versionType":"custom","status":"affected"},{"version":"1.7.0","lessThan":"1.7.16.1","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":1.4}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-05-09T19:18:00.655604Z","id":"CVE-2022-0072","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"psirt@paloaltonetworks.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*","versionStartIncluding":"1.6.5","versionEndIncluding":"1.6.20.1","matchCriteriaId":"0FD4E9B6-0BFE-44D2-83AA-1EFBDC0BC2AB"},{"vulnerable":true,"criteria":"cpe:2.3:a:litespeedtech:openlitespeed:*:*:*:*:*:*:*:*","versionStartIncluding":"1.7.0","versionEndExcluding":"1.7.16.1","matchCriteriaId":"96987D69-D7A7-4ACD-81B9-339C096AD9D8"},{"vulnerable":true,"criteria":"cpe:2.3:a:litespeedtech:openlitespeed:1.5.11:*:*:*:*:*:*:*","matchCriteriaId":"093A8797-4DA4-4B8A-B9FE-1D7CD11225AE"},{"vulnerable":true,"criteria":"cpe:2.3:a:litespeedtech:openlitespeed:1.5.12:*:*:*:*:*:*:*","matchCriteriaId":"75720FC7-7158-4301-A055-E292CEDFF4DB"}]}]}],"references":[{"url":"https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/src/main/httpserver.cpp#L2060-L2061","source":"psirt@paloaltonetworks.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/src/main/httpserver.cpp#L2060-L2061","source":"psirt@paloaltonetworks.com","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/litespeedtech/openlitespeed/blob/v1.7.16.1/src/main/httpserver.cpp#L2060-L2061","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://github.com/litespeedtech/openlitespeed/blob/v1.7.16/src/main/httpserver.cpp#L2060-L2061","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}