CVE-2022-40282

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...

The vulnerability of the FsCreateDir function in the Ajax web interface for managing WLAN client software Hirschmann BAT-C2 allows a hacker to execute arbitrary commands.

The vulnerability of the FsCreateDir function in the Ajax web interface for managing WLAN client software Hirschmann BAT-C2 is related to insufficient checking of arguments passed in the command. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands using the dir...

The vulnerability of the RSA KeyPassWD parameter in the web interface for managing Hirschmann BAT-C2 WLAN-client microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the RSA KeyPassWD parameter in the web interface for managing WLAN client micro-programming software Hirschmann BAT-C2 exists due to the failure to take measures to neutralize the special elements used in the operating system command. Exploiting this vulnerability allows a...

The vulnerability in the web interface of Hirschmann BAT-C2’s WLAN-client microprogramming software allows a hacker to perform arbitrary actions.

The vulnerability of the web interface for managing WLAN client micro-programming software Hirschmann BAT-C2 exists due to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

The vulnerability of the sslgeneratecsr function in the web interface for managing WLAN client software Hirschmann BAT-C2 allows a hacker to execute arbitrary code.

The vulnerability of the sslgeneratecsr function in the web interface for managing WLAN client micro-programming systems from Hirschmann BAT-C2 is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker to execute arbitrary code by sending a specially crafte...

The vulnerability in the web interface for controlling Hirschmann BAT-C2 wireless client software allows a hacker to execute arbitrary code.

The vulnerability of the web interface for managing WLAN client micro-programming software Hirschmann BAT-C2 exists due to the failure to take measures to neutralize special elements used in the operating system command. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVE-2022-40282

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...

Command injection

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...

CVE-2022-40282

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...

CVE-2022-40282

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is...

CVE-2022-40282

CVE-2022-40282 summary (Hirschmann BAT-C2) : The web server prior to version 09.13.01.00R04 contains an authenticated command-injection vulnerability in the FsCreateDir Ajax function, caused by insufficient sanitization of the dir parameter. This allows an authenticated attacker to execute shell ...

Hirschmann BAT-C2 安全漏洞

Hirschmann BAT-C2 is a wireless access point from Hirschmann Germany. A command injection vulnerability exists in versions prior to belden Hirschmann BAT-C2 09.13.01.00R04, which stems from a failure to adequately handle the dir parameter of the FsCreateDir Ajax function in the web server, and ca...

PT-2022-6051 · Hirschmann · Hirschmann Bat-C2

Name of the Vulnerable Software and Affected Versions: Hirschmann BAT-C2 versions prior to 09.13.01.00R04 Description: The issue is related to insufficient argument checking in the FsCreateDir Ajax function of the Hirschmann BAT-C2's web interface, allowing an authenticated attacker to inject...

PT-2021-7546 · Hirschmann · Hirschmann Bat-C2

Name of the Vulnerable Software and Affected Versions: Hirschmann BAT-C2 affected versions not specified Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. It allows a remote attacker to execute arbitrary code by sending ...

PT-2021-7545 · Hirschmann · Hirschmann Bat-C2

Name of the Vulnerable Software and Affected Versions: Hirschmann BAT-C2 affected versions not specified Description: The issue exists due to the lack of measures to neutralize special elements used in the operating system command. This can be exploited by sending specially crafted HTTP requests,...

PT-2021-7505 · Hirschmann +1 · Hirschmann Bat-C2 +1

Name of the Vulnerable Software and Affected Versions: Lantronix PremierWave 2050 version 8.9.0.0R4 Hirschmann BAT-C2 affected versions not specified Description: A command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality, allowing a specially-crafted HTTP...