Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-40282
HistoryNov 25, 2022 - 5:15 a.m.

Command injection

2022-11-2505:15:00
PRIOn knowledge base
www.prio-n.com
2
command injection
hirschmann bat-c2
authenticated
shell
fscreatedir ajax function
sanitized
vendor bsecv-2022-21.

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

JSON

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor’s ID is BSECV-2022-21.

CPENameOperatorVersion
hirschmann_bat-c2_firmwareeq< 9.13.0r4

Related

cvelist 1
cnvd 1
packetstorm 1
nvd 1
cve 1
cvelist
cvelist
CVE-2022-40282
2022-11-25 00:00:00
cnvd
cnvd
Hirschmann BAT-C2 Command Injection Vulnerability
2022-11-29 00:00:00
packetstorm
packetstorm
Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection
2022-11-30 00:00:00
nvd
nvd
CVE-2022-40282
2022-11-25 05:15:13
cve
cve
CVE-2022-40282
2022-11-25 05:15:13

8.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.2%

JSON
Related for PRION:CVE-2022-40282
cvelist1cnvd1packetstorm1nvd1cve1