Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.
References
Link | Resource |
---|---|
https://packetstormsecurity.com/files/167684/ | Exploit Third Party Advisory VDB Entry |
https://www.zeroscience.mk/codes/carelpco_dir.txt | Exploit Third Party Advisory |
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
|
History
08 Sep 2022, 01:35
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php - Exploit, Third Party Advisory | |
References | (MISC) https://www.zeroscience.mk/codes/carelpco_dir.txt - Exploit, Third Party Advisory | |
References | (MISC) https://packetstormsecurity.com/files/167684/ - Exploit, Third Party Advisory, VDB Entry | |
CWE | CWE-22 | |
CPE | cpe:2.3:h:carel:pcoweb_card:-:*:*:*:*:*:*:* cpe:2.3:a:carel:applica:16_13020200:*:*:*:*:*:*:* cpe:2.3:a:carel:applica:2.154a:*:*:*:*:*:*:* cpe:2.3:a:carel:pcoweb_hvac_bacnet_gateway:2.1.0:*:*:*:*:*:*:* cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
First Time |
Carel pcoweb Card
Carel applica Carel pcoweb Card Firmware Carel pcoweb Hvac Bacnet Gateway Carel |
31 Aug 2022, 16:53
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-31 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-37122
Mitre link : CVE-2022-37122
CVE.ORG link : CVE-2022-37122
JSON object : View
Products Affected
carel
- pcoweb_card_firmware
- pcoweb_card
- applica
- pcoweb_hvac_bacnet_gateway
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')