CVE-2022-2102

🗓️ 24 Jun 2022 15:00:33Reported by icscertType

cve🔗 web.nvd.nist.gov📰️ 6 Media mentions👁 51 Views

Controls limiting uploads to certain file extensions may be bypassed. This could allow an attacker to intercept the initial file upload page response and modify the associated code. This modified code can be forwarded and used by a script loaded later in the sequence, allowing for arbitrary file upload into a location where PHP scripts may be executed

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2022-2102	24 Jun 202218:31	–	circl
CNNVD	Secheron SEPCOS Control and Protection Relay 代码问题漏洞	23 Jun 202200:00	–	cnnvd
CNVD	Secheron SEPCOS Control and Protection Relay Code Issue Vulnerability	27 Jun 202200:00	–	cnvd
Cvelist	CVE-2022-2102 Secheron SEPCOS Control and Protection Relay	24 Jun 202215:00	–	cvelist
EUVD	EUVD-2022-34390	3 Oct 202520:07	–	euvd
ICS	Secheron SEPCOS Control and Protection Relay	23 Jun 202200:00	–	ics
NVD	CVE-2022-2102	24 Jun 202215:15	–	nvd
OSV	CVE-2022-2102	24 Jun 202215:15	–	osv
Prion	Design/Logic Flaw	24 Jun 202215:15	–	prion
Vulnrichment	CVE-2022-2102 Secheron SEPCOS Control and Protection Relay	24 Jun 202215:00	–	vulnrichment

NVD

Vulners

Node

secheron sepcos_control_and_protection_relay_firmwareRange1.23.0–1.23.21

secheron sepcos_control_and_protection_relay_firmwareRange1.24.0–1.24.8

secheron sepcos_control_and_protection_relay_firmwareRange1.25.0–1.25.3

AND

secheron sepcos_control_and_protection_relayMatch-

[
  {
    "product": "SEPCOS Control and Protection Relay firmware package",
    "vendor": "Secheron",
    "versions": [
      {
        "changes": [
          {
            "at": "1.24.8",
            "status": "unaffected"
          },
          {
            "at": "1.25.3",
            "status": "unaffected"
          }
        ],
        "lessThan": "1.23.21",
        "status": "affected",
        "version": "All versions",
        "versionType": "custom"
      }
    ]
  }
]