CVE-2022-3322


Lock WARP switch bypass on WARP mobile client using iOS quick action

Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.


We have discovered 180 live websites that are affected by CVE-2022-3322.

Contact us to get more info



Affected Software

Product  Warp
Category Web Servers
Vulnerable Versions
  • from 0 before 6.14
Total Vulnerable Versions38
Vulnerable Domains180 live websites (100.00% of Warp install base)


Common Weakness Enumeration


CWE-862 Missing Authorization


Distribution by Website Rank

The diagram provides a graphic representation of the correlation between the occurrence of CVE-2022-3322 and the relative popularity of websites


Details

  • Published - Oct 28, 2022

Credits

  • Josh (joshmotionfans) (finder)





Countries

United States79 websites


Germany50 websites
France11 websites
GB6 websites
Singapore5 websites
Sweden4 websites
Australia3 websites
2 websites
Canada2 websites
Switzerland2 websites

TLDs

.com67 websites
.de27 websites
.net18 websites
.org14 websites
.io9 websites
.se4 websites
.fr4 websites
.ch2 websites
.co.uk2 websites
.info2 websites

Vulnerable Versions

Vulnerable versions are highlighted in red


Geographical Distribution

The distribution of websites across the globe that are exposed to CVE-2022-3322 through included software libraries and plugins.



References


Websites affected by CVE-2022-3322

Top websites that are affected by CVE-2022-3322. Please click on the "Contact us" button above to get more information.
DomainCountryRankContacts
*********.coop United States***,***
*.****.com United States***,***
***.**********.com United States***,***
**********************.org GB***,***
**************.se Sweden*,***,***
***.*************.com Germany*,***,***
***.***********.com United States*,***,***
*********.org United States*,***,***
*******.de Germany*,***,***
****.*********.io France*,***,***
See full domain list