Lucene search
K

4 matches found

Packet Storm
Packet Storm
added 2022/11/30 12:0 a.m.495 views

Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection

CyberDanube Security Research 20221124-0 ------------------------------------------------------------------------------- title| Authenticated Command Injection product| Hirschmann Belden BAT-C2 vulnerable version| 8.8.1.0R8 fixed version| 09.13.01.00R04 CVE number| CVE-2022-40282 impact| High...

8.9AI score0.03966EPSS
Exploits2
Circl
Circl
added 2022/11/25 7:15 a.m.6 views

CVE-2022-40282

creationtimestamp| type| source ---|---|--- 2022-11-25 07:15:13+00:00| seen| https://t.me/cibsecurity/53489 2025-04-29 15:11:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13837...

8.8CVSS8.1AI score0.03966EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2022/11/25 12:0 a.m.4 views

CVE-2022-40282

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...

9AI score0.03966EPSS
Exploits2References3
CVE
CVE
added 2022/11/25 12:0 a.m.69 views

CVE-2022-40282

CVE-2022-40282 summary (Hirschmann BAT-C2) : The web server prior to version 09.13.01.00R04 contains an authenticated command-injection vulnerability in the FsCreateDir Ajax function, caused by insufficient sanitization of the dir parameter. This allows an authenticated attacker to execute shell ...

8.8CVSS9AI score0.03966EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder