3 matches found
CVE-2022-2253 Distributed Data Systems WebHMI OS Command Injection
A user with administrative privileges in Distributed Data Systems WebHMI 4.1.1.7662 may send OS commands to execute on the host server...
CVE-2022-2253
CVE-2022-2253 affects Distributed Data Systems WebHMI 4.1.1.7662 (and possibly prior versions). It is an OS command injection (CWE-78) vulnerability caused by improper neutralization of input during web page generation, allowing a user with administrative privileges to send OS commands to execute...
Distributed Data Systems WebHMI
1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Distributed Data Systems Equipment: WebHMI Vulnerabilities: Cross-site Scripting, OS Command Injection 2. RISK EVALUATION Successful exploitation of these vulnerabilities...