CVE has changed to disputed

Question

CVE has changed to disputed

Opened this issue 3 years ago · 1 comments

erhan- commented 3 years ago

Not sure how much this vulnerability is real but there are some things going on:

See: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29072

See also: https://sourceforge.net/p/sevenzip/discussion/45797/thread/65ce9ab4cb/

Answer 1 · 2022-04-22T15:01:40.000Z

Also, see also: https://web.archive.org/web/20220421231342/https://sourceforge.net/p/sevenzip/bugs/2337/?page=1

I am a hacker. I'm evaluating and I don't want to say because I make money from this business. I won and I'm just telling you how to turn it off from the interface. If there is no access to hh.exe from the interface, there is nowhere to trigger anyway. I don't intend to reveal the details of the vulnerability because that's the way I am selling it.