Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2022-40282
HistoryNov 25, 2022 - 12:00 a.m.

CVE-2022-40282

2022-11-2500:00:00
mitre
www.cve.org
web server
hirschmann bat-c2
authenticated
command injection
vendor's id
bsecv-2022-21

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

JSON

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor’s ID is BSECV-2022-21.

Related

prion 1
cnvd 1
packetstorm 1
nvd 1
cve 1
prion
prion
Command injection
2022-11-25 05:15:00
cnvd
cnvd
Hirschmann BAT-C2 Command Injection Vulnerability
2022-11-29 00:00:00
packetstorm
packetstorm
Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection
2022-11-30 00:00:00
nvd
nvd
CVE-2022-40282
2022-11-25 05:15:13
cve
cve
CVE-2022-40282
2022-11-25 05:15:13

9.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

JSON
Related for CVELIST:CVE-2022-40282
prion1cnvd1packetstorm1nvd1cve1