How severe is CVE-2022-1230?

This vulnerability has a severity rating of LOW with a CVSS score of 3.9 out of 10.

What type of vulnerability is CVE-2022-1230?

This is classified as CWE-601, which is a common weakness in software security.

CVE-2022-1230 - LOW Severity | CVSS 3.9

Vulnerability Description

This vulnerability allows local attackers to execute arbitrary code on affected installations of Samsung Galaxy S21 prior to 4.5.40.5 phones. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of redirections. An attacker can force a redirection to a site that serves malicious content. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the current user. Was ZDI-CAN-15918.

Related Vulnerabilities

CVE-2024-28076

LOW

CVSS:3.8(Low)

The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct...

CWE-6012024

CVE-2023-34247

MEDIUM

CVSS:4.1(Medium)

Keystone is a content management system for Node.JS. There is an open redirect in the `@keystone-6/auth` package versions 7.0.0 and prior, where the redirect leading `/` filter can be bypassed. Users ...

CWE-6012023

CVE-2024-32078

MEDIUM

CVSS:4.1(Medium)

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.44.7212.

CWE-6012024

CVE-2025-30164

MEDIUM

CVSS:4.1(Medium)

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. A vulnerability in versions prior to 2.11.5 and 2.12.13 vulnerability allows an attacker to craft a URL t...

CWE-6012025

CVE-2019-11269

MEDIUM

CVSS:4.2(Medium)

Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, 2.1 prior to 2.1.5, and 2.0 prior to 2.0.18, as well as older unsupported versions could be susceptible to an open redirector att...

CWE-6012019

CVE-2018-11784

MEDIUM

CVSS:4.3(Medium)

When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/fo...

CWE-6012018