Cpy Car Park Server Security Vulnerabilities and Issues — Cpy Car Park Server CVE List

Lucene search

GavazziautomationCpy Car Park Server

6 matches found

CVE•added 2022/09/28 2:15 p.m.•587 views

CVE-2022-28811

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to execute arbitrary OS commands.

9.8CVSS9.8AI score0.00442EPSS

CVE•added 2022/09/28 2:15 p.m.•552 views

CVE-2022-22526

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a missing authentication allows for full access via API.

9.8CVSS9.7AI score0.00099EPSS

CVE•added 2022/09/28 2:15 p.m.•45 views

CVE-2022-28812

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device.

9.8CVSS9.7AI score0.0049EPSS

CVE•added 2022/09/28 2:15 p.m.•41 views

CVE-2022-22522

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could make use of hard-coded credentials to gain full access to the device.

9.8CVSS9.7AI score0.0031EPSS

CVE•added 2022/09/28 2:15 p.m.•41 views

CVE-2022-28814

Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 was discovered to be vulnerable to a relative path traversal vulnerability which enables remote attackers to read arbitrary files and gain full control of the device.

9.8CVSS9.7AI score0.00641EPSS

CVE•added 2022/09/28 2:15 p.m.•39 views

CVE-2022-22524

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services .

9.4CVSS9.5AI score0.00318EPSS