Unauthenticated Remote Code Execution in VIAVIWEB Wallpaper Admin 1.0
CVE-2022-50893

9.3CRITICAL

Key Information:

Vendor

Viaviweb

Status
Viaviweb Wallpaper Admin
Vendor
CVE Published:
13 January 2026

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2022-50893?

The VIAVIWEB Wallpaper Admin 1.0 application is susceptible to an unauthenticated remote code execution vulnerability. This flaw allows attackers to upload malicious PHP files via the image upload functionality, specifically through the add_gallery_image.php endpoint. By exploiting this vulnerability, an attacker can execute arbitrary code on the server, potentially leading to unauthorized access and control over the system.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

VIAVIWEB Wallpaper Admin 1.0

References

https://www.exploit-db.com/exploits/51033
exploit
https://www.viaviweb.com
product
https://www.vulncheck.com/advisories/viaviweb-wallpaper-a...
third-party-advisory

CVSS V4

Score:
9.3
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • ๐ŸŸก

    Public PoC available

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

[Edd13Mora]
JSON
.