How severe is CVE-2022-50911?

CVE-2022-50911 has a CVSS v3 score of 8.8 (HIGH).

CVE-2022-50911

8.8HIGH

Bitrix24 contains an authenticated remote code execution vulnerability that allows logged-in attackers to execute arbitrary system commands through the PHP command line admin interface. Attackers can

게시됨: 1/13/2026업데이트됨: 1/14/2026

설명

Bitrix24 contains an authenticated remote code execution vulnerability that allows logged-in attackers to execute arbitrary system commands through the PHP command line admin interface. Attackers can leverage the vulnerability by sending crafted POST requests to the administrative endpoint with system commands to execute code with the web application's privileges.

AI 분석AI 기반

참조

https://www.bitrix24.com/apps/desktop.php
https://www.exploit-db.com/exploits/50898
https://www.vulncheck.com/advisories/bitrix-remote-code-execution-rce-authenticated