4 matches found
CVE-2022-40282
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
Command injection
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
CVE-2022-40282
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...
CVE-2022-40282
CVE-2022-40282 summary (Hirschmann BAT-C2) : The web server prior to version 09.13.01.00R04 contains an authenticated command-injection vulnerability in the FsCreateDir Ajax function, caused by insufficient sanitization of the dir parameter. This allows an authenticated attacker to execute shell ...