3 matches found
FESTO Hardware Controller, Hardware Servo Press Kit Improper Neutralization of Special Elements Used in an OS Command (CVE-2022-30310)
In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint cecc-x-acknerr-request POST request doesn't check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection. This plugin...
CVE-2022-30310
creationtimestamp| type| source ---|---|--- 2022-06-13 18:17:54+00:00| seen| https://t.me/cibsecurity/44292 2022-07-11 12:37:51+00:00| seen| https://t.me/CyberSecurityTechnologies/6376 2025-07-01 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-04...
CVE-2022-30310
CVE-2022-30310 affects the Festo CECC-X-M1 family. The http-endpoint cecc-x-acknerr-request does not validate port syntax, enabling unauthorized execution of system commands with root privileges via improper access control command injection. Impact is described as remote code execution with root ...