🕵️ CVE-2022-37122 | Carel pCOWeb HVAC BACnet Gateway GET Parameter logdownload.cgi file pathname traversal (ID 167684)
Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability was found in Carel pCOWeb HVAC BACnet Gateway. It has been classified as critical. Affected is an unknown function of the file logdownload.cgi of the component GET Parameter Handler. The manipulation of the argument file leads to pathname traversal. This vulnerability is traded as CVE-2022-37122. Access to the local network is required for this attack to succeed. There is no exploit available. ...
⚠️ Carel pCOWeb HVAC Insecure Credential Storage
📈 75.41 Punkte
⚠️ PoC
⚠️ [webapps] Carel PlantVisor 2.4.4 - Directory Traversal
📈 30.53 Punkte
⚠️ PoC
⚠️ Carel PlantVisor 2.4.4 Directory Traversal
📈 30.53 Punkte
⚠️ PoC