Lucene search
K

4 matches found

Nuclei
Nuclei
added 3 days ago16 views

Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Path Traversal

Carel pCOWeb HVAC BACnet Gateway 2.1.0 contains an unauthenticated arbitrary file disclosure caused by improper verification of the 'file' GET parameter in logdownload.cgi, letting attackers disclose sensitive files via directory traversal, exploit requires no authentication. id: CVE-2022-37122...

7.5CVSS7AI score0.19669EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2026/01/09 10:50 a.m.8 views

CVE-2022-37122

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly...

7.5CVSS6.9AI score0.19669EPSS
Exploits3References1
CVE
CVE
added 2022/08/31 3:47 p.m.62 views

CVE-2022-37122

Carel pCOWeb HVAC BACnet Gateway 2.1.0 (Firmware A2.1.0–B2.1.0; Software v16 13020200; App 2.15.4A) is affected by an unauthenticated arbitrary file disclosure due to improper verification of the 'file' GET parameter in logdownload.cgi. The vulnerability allows directory traversal to disclose arb...

7.5CVSS7.4AI score0.19669EPSS
Exploits3References3Affected Software1
Zero Science Lab
Zero Science Lab
added 2022/06/30 12:0 a.m.461 views

Carel pCOWeb HVAC BACnet Gateway 2.1.0 Unauthenticated Directory Traversal

Summary pCO sistema is the solution CAREL offers its customers for managing HVAC/R applications and systems. It consists of programmable controllers, user interfaces, gateways and communication interfaces, remote management systems to offer the OEMs working in HVAC/R a control system that is...

7.5CVSS7.2AI score0.19669EPSS
Exploits3
Rows per page
Query Builder