5 matches found
Input validation
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
CVE-2023-44373
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. Follow-up of CVE-2022-36323...
Siemens SCALANCE Improper Neutralization of Special Elements in Output Used By a Downstream Component (CVE-2022-36323)
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more...
CVE-2022-36323
Consolidated disclosure shows CVE-2022-36323 as an input sanitization vulnerability that can let an authenticated admin inject code or spawn a system root shell. The follow-up CVE-2023-44373 (in Siemens SCALANCE/W700 family and related devices) confirms this issue as a cross-contract injection vu...
CVE-2022-36323
Affected devices do not properly sanitize an input field. This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell...