CVE-2022-37122

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
References
Link Resource
https://packetstormsecurity.com/files/167684/ Exploit Third Party Advisory VDB Entry
https://www.zeroscience.mk/codes/carelpco_dir.txt Exploit Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php Exploit Third Party Advisory
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:carel:pcoweb_card:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:carel:applica:2.154a:*:*:*:*:*:*:*
cpe:2.3:a:carel:applica:16_13020200:*:*:*:*:*:*:*
cpe:2.3:a:carel:pcoweb_hvac_bacnet_gateway:2.1.0:*:*:*:*:*:*:*

History

08 Sep 2022, 01:35

Type Values Removed Values Added
References (MISC) https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php - (MISC) https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php - Exploit, Third Party Advisory
References (MISC) https://www.zeroscience.mk/codes/carelpco_dir.txt - (MISC) https://www.zeroscience.mk/codes/carelpco_dir.txt - Exploit, Third Party Advisory
References (MISC) https://packetstormsecurity.com/files/167684/ - (MISC) https://packetstormsecurity.com/files/167684/ - Exploit, Third Party Advisory, VDB Entry
CWE CWE-22
CPE cpe:2.3:h:carel:pcoweb_card:-:*:*:*:*:*:*:*
cpe:2.3:a:carel:applica:16_13020200:*:*:*:*:*:*:*
cpe:2.3:a:carel:applica:2.154a:*:*:*:*:*:*:*
cpe:2.3:a:carel:pcoweb_hvac_bacnet_gateway:2.1.0:*:*:*:*:*:*:*
cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.5
First Time Carel pcoweb Card
Carel applica
Carel pcoweb Card Firmware
Carel pcoweb Hvac Bacnet Gateway
Carel

31 Aug 2022, 16:53

Type Values Removed Values Added
New CVE

Information

Published : 2022-08-31 16:15

Updated : 2023-12-10 14:35


NVD link : CVE-2022-37122

Mitre link : CVE-2022-37122

CVE.ORG link : CVE-2022-37122


JSON object : View

Products Affected

carel

  • pcoweb_card_firmware
  • pcoweb_card
  • applica
  • pcoweb_hvac_bacnet_gateway
CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')