CVE-2022-36537CISA KEVEPSS p99.9%

CVE-2022-36537ZK Framework AuUploader Unspecified Vulnerability

ZK Framework / AuUploader

Description

ZK Framework AuUploader servlets contain an unspecified vulnerability that could allow an attacker to retrieve the content of a file located in the web context. The ZK Framework is an open-source Java framework. This vulnerability can impact multiple products, including but not limited to ConnectWise R1Soft Server Backup Manager.

Scoring

EPSS95.34% probability of exploitation · percentile 99.9% · 2026-06-17T12:03:21Z

CISA KEV entry

Added to KEV: 2023-02-27

(incoming)1

TypeTargetConfidenceTier
KEVEntryZK Framework AuUploader Unspecified Vulnerabilitykev-cve-2022-365370%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2025-52239
CVE
Ivanti Pulse Connect Secure Unrestricted File Upload Vulnerability
CVE
Zoho ManageEngine Desktop Central File Upload Vulnerability
CVE
CVE-2025-2216
CVE
CVE-2026-21628
CVE
CVE-2025-2115
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.