CVE-2022-37122

Опубликовано: 31 авг. 2022

Источник: nvd

CVSS3: 7.5

EPSS Средний

Описание

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

Ссылки

https://packetstormsecurity.com/files/167684/
Exploit
Third Party Advisory
VDB Entry
https://www.zeroscience.mk/codes/carelpco_dir.txt
Exploit
Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php
Exploit
Third Party Advisory
https://packetstormsecurity.com/files/167684/
Exploit
Third Party Advisory
VDB Entry
https://www.zeroscience.mk/codes/carelpco_dir.txt
Exploit
Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:*

Версия от a2.1.0 (включая) до b.2.1.0 (включая)

cpe:2.3:h:carel:pcoweb_card:-:*:*:*:*:*:*:*

Конфигурация 2

Одно из

cpe:2.3:a:carel:applica:2.154a:*:*:*:*:*:*:*

cpe:2.3:a:carel:applica:16_13020200:*:*:*:*:*:*:*

cpe:2.3:a:carel:pcoweb_hvac_bacnet_gateway:2.1.0:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.58497

Средний

7.5 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-wwr2-w2jp-vx63