CVE Vulnerability

CVE-2022-37122

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the 'file' GET parameter through the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

7.5 /10

CVSS v3.0 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.zeroscience.mk/codes/carelpco_dir.txt Exploit Third Party Advisory
https://packetstormsecurity.com/files/167684/ Exploit Third Party Advisory
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:carel:applica:2.154a:*:*:*:*:*:*:*
cpe:2.3:a:carel:pcoweb_hvac_bacnet_gateway:2.1.0:*:*:*:*:*:*:*
cpe:2.3:a:carel:applica:16_13020200:*:*:*:*:*:*:*
Information

Published : 2022-08-31 04:15

Updated : 2022-09-08 01:35

NVD link : CVE-2022-37122

Mitre link : CVE-2022-37122

Products Affected

Carel

Pcoweb Card Firmware

CWE
CWE-22