2 matches found
CVE-2022-24311
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by inserting at beginning of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends...
CVE-2022-24311
Schneider Electric IGSS Data Server (v15.0.0.22020 and earlier) includes a CWE-22 path traversal vulnerability that can modify an existing file or create a new one in the Data Server context, potentially enabling remote code execution when a specially crafted message is sent. The Red Hat/ICSA adv...