{"id":"CVE-2022-27438","details":"Caphyon Ltd Advanced Installer 19.3 and earlier and many products that use the updater from Advanced Installer (Advanced Updater) are affected by a remote code execution vulnerability via the CustomDetection parameter in the update check function. To exploit this vulnerability, a user must start an affected installation to trigger the update check.","modified":"2026-04-10T04:47:40.694658Z","published":"2022-06-06T23:15:07.920Z","references":[{"type":"WEB","url":"http://advanced.com"},{"type":"WEB","url":"http://caphyon.com"},{"type":"FIX","url":"https://www.advancedinstaller.com/security-updates-auto-updater.html"},{"type":"EVIDENCE","url":"https://gerr.re/posts/cve-2022-27438/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/prusa3d/prusaslicer","events":[{"introduced":"0"},{"last_affected":"d7105dabf1db80e1babbb5d4cb386cd747c46364"},{"introduced":"0"},{"last_affected":"3ba8e0f36948276d3620a8627449e17f183ced54"},{"introduced":"0"},{"last_affected":"c2ba5901e46ec7c6773c27453965ea6ddb5427ff"},{"introduced":"0"},{"last_affected":"c2ba5901e46ec7c6773c27453965ea6ddb5427ff"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.4.2"},{"introduced":"0"},{"last_affected":"1.3.0"},{"introduced":"0"},{"last_affected":"1.33.0"},{"introduced":"0"},{"last_affected":"1.33.0"}]}},{"type":"GIT","repo":"https://github.com/vpnhood/vpnhood","events":[{"introduced":"0"},{"last_affected":"db636c50dc49377b316586bfa2179da99e7e919f"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.4.299"}]}}],"versions":["0.5.0","0.5.1","0.5.2","0.5.3","0.5.4","0.5.5","0.5.5a","0.5.5b","0.5.6","0.5.7","0.6.0","0.7.0","0.7.1","0.7.2b","0.8.0","0.8.1","0.8.2","0.8.3","0.8.4","0.9.0","0.9.1","0.9.2","0.9.3","0.9.4","0.9.5","0.9.7","0.9.9","1.0.0RC1","1.1.0","1.1.1","1.1.2","1.1.3","1.1.4","1.2.0","1.2.1","1.2.2","1.2.3","1.2.4","1.2.5","1.2.6","1.2.7","1.2.8","1.2.9","1.3.0","for_change_log_1.40.0-alpha1","v1.1.100-beta.2","v1.1.101-beta.2","v1.1.102-beta","v1.1.132-beta","v1.1.133-beta","v1.1.135-beta","v1.1.138-beta","v1.1.176-beta","v1.1.177-beta","v1.1.183-beta","v1.1.184-beta","v1.1.187-beta","v1.1.195-beta","v1.1.197-beta","v1.1.202-beta","v1.1.213-beta","v1.1.216-beta","v1.1.217-beta","v1.1.232-beta","v1.1.235-beta","v1.1.236-beta","v1.1.237-beta","v1.1.238-beta","v1.1.24-beta","v1.1.240","v1.1.240-beta","v1.1.241","v1.1.242","v1.1.75-beta","v1.1.91-beta","v1.1.92-Beta","v1.2.247","v1.2.248","v1.2.249","v1.2.250","v1.3.253","v1.3.254","v2.0.271","v2.0.272","v2.1.276","v2.2.283","v2.3.287","v2.3.289","v2.3.290","v2.3.291","v2.4.292","v2.4.295","v2.4.296","v2.4.297","v2.4.299","version.2.3.1","version_1.30.0","version_1.31.0","version_1.31.1","version_1.31.2","version_1.31.3","version_1.31.4","version_1.31.5","version_1.31.6","version_1.33.0","version_1.33.1","version_1.33.2","version_1.33.3","version_1.33.4","version_1.33.5","version_1.33.6","version_1.33.7","version_1.33.8","version_1.34.0","version_1.34.1","version_1.34.1.24","version_1.35.0","version_1.35.1","version_1.35.2","version_1.35.3","version_1.35.4","version_1.35.5","version_1.36.0","version_1.36.1","version_1.37.0","version_1.37.1","version_1.38.0","version_1.38.1","version_1.38.2","version_1.38.3","version_1.38.4","version_1.38.5","version_1.38.6","version_1.39.0","version_1.39.1-alpha","version_1.39.1-beta","version_1.40.0","version_1.40.0-alpha","version_1.40.0-alpha1","version_1.40.0-alpha2","version_1.40.0-beta","version_1.40.0-rc","version_1.41.2","version_1.41.3","version_2.1.1","version_2.1.1-beta0","version_2.1.1-rc","version_2.3.1","version_2.3.1-beta","version_2.3.1-rc","version_2.3.2","version_2.3.2-alpha0","version_2.3.2-beta","version_2.3.2-rc","version_2.3.3","version_2.4.1","version_2.4.1-beta2","version_2.4.1-beta3","version_2.4.1-rc1","version_2.4.2","version_2.4.2-rc1","version_2.4.2-rc2"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"19.4"}]},{"events":[{"introduced":"0"},{"last_affected":"18.2.13"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1.23"}]},{"events":[{"introduced":"0"},{"last_affected":"2.2.1"}]},{"events":[{"introduced":"0"},{"last_affected":"4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"3.8.5"}]},{"events":[{"introduced":"0"},{"last_affected":"21.3.0"}]},{"events":[{"introduced":"0"},{"last_affected":"4.2.19.0"}]},{"events":[{"introduced":"0"},{"last_affected":"5.6.0.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.1.12.0"}]},{"events":[{"introduced":"0"},{"last_affected":"2020.3.15.1304"}]},{"events":[{"introduced":"0"},{"last_affected":"4.0.2109.2802"}]},{"events":[{"introduced":"0"},{"last_affected":"2.9.50.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.0.5.0"}]},{"events":[{"introduced":"0"},{"last_affected":"0.10.7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"21.1.2754"}]},{"events":[{"introduced":"0"},{"last_affected":"28.2.18"}]},{"events":[{"introduced":"0"},{"last_affected":"3.70.69"}]},{"events":[{"introduced":"0"},{"last_affected":"3.31.107"}]},{"events":[{"introduced":"0"},{"last_affected":"1.20.05"}]},{"events":[{"introduced":"0"},{"last_affected":"3.70.69"}]},{"events":[{"introduced":"0"},{"last_affected":"2.02.34"}]},{"events":[{"introduced":"0"},{"last_affected":"3.70.69"}]},{"events":[{"introduced":"0"},{"last_affected":"20.10.1"}]},{"events":[{"introduced":"0"},{"last_affected":"1.6.238.16010"}]},{"events":[{"introduced":"0"},{"last_affected":"8.0.6"}]},{"events":[{"introduced":"0"},{"last_affected":"4.1.4"}]},{"events":[{"introduced":"0"},{"last_affected":"4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.9.6"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.1"}]},{"events":[{"introduced":"0"},{"fixed":"10.3.6400.0"}]},{"events":[{"introduced":"0"},{"last_affected":"2.2.5"}]},{"events":[{"introduced":"0"},{"last_affected":"1.16.116"}]},{"events":[{"introduced":"0"},{"last_affected":"1.20.16"}]},{"events":[{"introduced":"0"},{"last_affected":"3.0.2001.801"}]},{"events":[{"introduced":"0"},{"last_affected":"2.48.9"}]},{"events":[{"introduced":"0"},{"last_affected":"1.05.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.19.4.0"}]},{"events":[{"introduced":"0"},{"last_affected":"1.20.1"}]},{"events":[{"introduced":"0"},{"last_affected":"1.20.1"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]},{"events":[{"introduced":"0"},{"last_affected":"1.4.0.2"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-27438.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}