13 matches found
CVE-2022-40282
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
Hirschmann (Belden) BAT-C2 8.8.1.0R8 Command Injection
CyberDanube Security Research 20221124-0 ------------------------------------------------------------------------------- title| Authenticated Command Injection product| Hirschmann Belden BAT-C2 vulnerable version| 8.8.1.0R8 fixed version| 09.13.01.00R04 CVE number| CVE-2022-40282 impact| High...
Hirschmann BAT-C2 Command Injection Vulnerability
Hirschmann BAT-C2 is a wireless access point from Hirschmann Germany. A command injection vulnerability exists in versions prior to belden Hirschmann BAT-C2 09.13.01.00R04, which stems from a failure to adequately handle the dir parameter of the FsCreateDir Ajax function in the web server, and ca...
CVE-2022-40282
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
Command injection
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
CVE-2022-40282
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
CVE-2022-40282
CVE-2022-40282 summary (Hirschmann BAT-C2) : The web server prior to version 09.13.01.00R04 contains an authenticated command-injection vulnerability in the FsCreateDir Ajax function, caused by insufficient sanitization of the dir parameter. This allows an authenticated attacker to execute shell ...
Hirschmann BAT-C2 安全漏洞
Hirschmann BAT-C2 is a wireless access point from Hirschmann Germany. A command injection vulnerability exists in versions prior to belden Hirschmann BAT-C2 09.13.01.00R04, which stems from a failure to adequately handle the dir parameter of the FsCreateDir Ajax function in the web server, and ca...
PT-2022-6051 · Hirschmann · Hirschmann Bat-C2
Name of the Vulnerable Software and Affected Versions: Hirschmann BAT-C2 versions prior to 09.13.01.00R04 Description: The issue is related to insufficient argument checking in the FsCreateDir Ajax function of the Hirschmann BAT-C2's web interface, allowing an authenticated attacker to inject...
CVE-2022-40282
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
PT-2021-7546 · Hirschmann · Hirschmann Bat-C2
Name of the Vulnerable Software and Affected Versions: Hirschmann BAT-C2 affected versions not specified Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. It allows a remote attacker to execute arbitrary code by sending ...
PT-2021-7545 · Hirschmann · Hirschmann Bat-C2
Name of the Vulnerable Software and Affected Versions: Hirschmann BAT-C2 affected versions not specified Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This can be exploited by sending specially crafted HTTP requests,...
PT-2021-7505 · Hirschmann +1 · Hirschmann Bat-C2 +1
Name of the Vulnerable Software and Affected Versions: Lantronix PremierWave 2050 version 8.9.0.0R4 Hirschmann BAT-C2 affected versions not specified Description: A command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality, allowing a specially-crafted HTTP...