CVE-2022-40282

CVE-2022-40282

The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor’s ID is BSECV-2022-21.

Source: CVE-2022-40282

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다