3 matches found
CVE-2022-24312
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists that could cause modification of an existing file by adding at end of file or create a new file in the context of the Data Server potentially leading to remote code execution when an attacker sends a...
Schneider Electric IGSS Data Server Path Traversal (CVE-2022-24312)
Binary data schneiderelectricigsscve-2022-24312.nbin...
CVE-2022-24312
Schneider Electric IGSS Data Server (IGSSdataServer.exe) v15.0.0.22020 and earlier is affected by CVE-2022-24312, a CWE-22 path traversal vulnerability that could allow modification of existing files or creation of new files in the Data Server context, potentially enabling remote code execution w...