Exploit for #VU70148 Insufficient UI Warning of Dangerous Operations in Mozilla Firefox and Firefox ESR

Cybersecurity Help s.r.o.

Published: 2023-01-16

Vulnerability identifier: #VU70148

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2022-46875

CWE-ID: CWE-357

Exploitation vector: Network

Exploits in database: 1

January 16, 2023
- SSD Advisory - MacOS Mozilla Firefox Download Protections were bypassed by .atloc / .ftploc Files - SSD Secure Disclosure [SSD]

Vulnerable software:
Mozilla Firefox
Client/Desktop applications / Web browsers
Firefox ESR
Client/Desktop applications / Web browsers

Vendor: Mozilla