Vulnerabilities related to carel - applica
Vulnerability from fkie_nvd
Published
2022-08-31 16:15
Modified
2024-11-21 07:14
Summary
Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the 'file' GET parameter to the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks. Practitioner note: the flaw requires no credentials (CVSS:3.1 AV:N/PR:N) and a public proof-of-concept is referenced below; this record cites no vendor advisory or fixed version, so treat every network-reachable pCOWeb web interface in the listed versions as exposed and restrict access to it until a vendor fix is confirmed. Note also that the NVD CPE range below spells the upper bound "b.2.1.0" while the advisory says "B2.1.0"; verify affected-version matching manually rather than relying on automated CPE comparison.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:carel:pcoweb_card_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11CD6D6-D99F-4399-A957-FAA6383D19A5",
              "versionEndIncluding": "b.2.1.0",
              "versionStartIncluding": "a2.1.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:carel:pcoweb_card:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE87B839-78E7-4789-9B5A-7EAB4834337B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:carel:applica:2.154a:*:*:*:*:*:*:*",
              "matchCriteriaId": "459F002B-D36A-4EDC-AF4F-7E36A67D2E93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:carel:applica:16_13020200:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ACFD15F-815E-4BA5-B7D2-FAA28A647421",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:carel:pcoweb_hvac_bacnet_gateway:2.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D03596D-C817-41D1-8277-B09AA0600380",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the \u0027file\u0027 GET parameter through the \u0027logdownload.cgi\u0027 Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks."
    },
    {
      "lang": "es",
      "value": "Carel pCOWeb HVAC BACnet Gateway versi\u00f3n 2.1.0, Firmware: A2.1.0 - B2.1.0, Software de aplicaci\u00f3n: 2.15.4A Software versi\u00f3n v16 13020200, sufre una vulnerabilidad de divulgaci\u00f3n arbitraria de archivos no autenticada. La entrada pasada mediante el par\u00e1metro GET \"file\" al script Bash \"logdownload.cgi\" no es verificada apropiadamente antes de ser usada para descargar archivos de registro. Esto puede ser aprovechado para divulgar el contenido de archivos arbitrarios y confidenciales por medio de ataques de salto de directorio."
    }
  ],
  "id": "CVE-2022-37122",
  "lastModified": "2024-11-21T07:14:29.000",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2022-08-31T16:15:11.747",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/167684/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.zeroscience.mk/codes/carelpco_dir.txt"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://packetstormsecurity.com/files/167684/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.zeroscience.mk/codes/carelpco_dir.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

var-202208-2220
Vulnerability from variot

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the 'file' GET parameter to the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks. CAREL INDUSTRIES S.p.a. pCOWeb card firmware, applica, and pcoweb hvac bacnet gateway contain a path traversal vulnerability; information may be obtained. pCO sistema is the solution CAREL offers its customers for managing HVAC/R applications and systems. It consists of programmable controllers, user interfaces, gateways and communication interfaces, and remote management systems, offering OEMs working in HVAC/R a control system that is powerful yet flexible, can be easily interfaced to the more widely-used Building Management Systems, and can also be integrated into proprietary supervisory systems. The device suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the 'file' GET parameter to the 'logdownload.cgi' Bash script is not properly verified before being used to download log files.



{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-202208-2220",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "applica",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "carel",
        "version": "2.154a"
      },
      {
        "model": "pcoweb card",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "carel",
        "version": "a2.1.0"
      },
      {
        "model": "pcoweb hvac bacnet gateway",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "carel",
        "version": "2.1.0"
      },
      {
        "model": "applica",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "carel",
        "version": "16_13020200"
      },
      {
        "model": "pcoweb card",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "carel",
        "version": "b.2.1.0"
      },
      {
        "model": "applica",
        "scope": null,
        "trust": 0.8,
        "vendor": "carel industries s p a",
        "version": null
      },
      {
        "model": "pcoweb card",
        "scope": null,
        "trust": 0.8,
        "vendor": "carel industries s p a",
        "version": null
      },
      {
        "model": "pcoweb hvac bacnet gateway",
        "scope": null,
        "trust": 0.8,
        "vendor": "carel industries s p a",
        "version": null
      },
      {
        "model": "pcoweb hvac bacnet gateway",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "carel industries s p a",
        "version": "firmware: a2.1.0 - b2.1.0"
      },
      {
        "model": "pcoweb hvac bacnet gateway",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "carel industries s p a",
        "version": "application software: 2.15.4a"
      },
      {
        "model": "pcoweb hvac bacnet gateway",
        "scope": "eq",
        "trust": 0.1,
        "vendor": "carel industries s p a",
        "version": "software version: v16 13020200"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Vulnerability discovered by Gjoko Krstic",
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      }
    ],
    "trust": 0.1
  },
  "cve": "CVE-2022-37122",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "nvd@nist.gov",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "id": "CVE-2022-37122",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 7.5,
            "baseSeverity": "High",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2022-37122",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2022-37122",
            "trust": 1.0,
            "value": "HIGH"
          },
          {
            "author": "NVD",
            "id": "CVE-2022-37122",
            "trust": 0.8,
            "value": "High"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-202208-4478",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "ZSL",
            "id": "ZSL-2022-5709",
            "trust": 0.1,
            "value": "(4/5)"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the \u0027file\u0027 GET parameter to the \u0027logdownload.cgi\u0027 Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks. CAREL INDUSTRIES S.p.a. pCOWeb card firmware, applica, and pcoweb hvac bacnet gateway contain a path traversal vulnerability; information may be obtained. pCO sistema is the solution CAREL offers its customers for managing HVAC/R applications and systems. It consists of programmable controllers, user interfaces, gateways and communication interfaces, and remote management systems, offering OEMs working in HVAC/R a control system that is powerful yet flexible, can be easily interfaced to the more widely-used Building Management Systems, and can also be integrated into proprietary supervisory systems. The device suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the \u0027file\u0027 GET parameter to the \u0027logdownload.cgi\u0027 Bash script is not properly verified before being used to download log files.",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2022-37122"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-433016"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-37122"
      }
    ],
    "trust": 1.89
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.zeroscience.mk/codes/carelpco_dir.txt",
        "trust": 0.1,
        "type": "poc"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2022-37122",
        "trust": 3.5
      },
      {
        "db": "PACKETSTORM",
        "id": "167684",
        "trust": 2.7
      },
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709",
        "trust": 2.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-4478",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "50986",
        "trust": 0.1
      },
      {
        "db": "CXSECURITY",
        "id": "WLB-2022070011",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-433016",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-37122",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-433016"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-37122"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "id": "VAR-202208-2220",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-433016"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-08-14T14:49:39.141000Z",
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-22",
        "trust": 1.1
      },
      {
        "problemtype": "Path traversal (CWE-22) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-433016"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.7,
        "url": "https://packetstormsecurity.com/files/167684/"
      },
      {
        "trust": 2.6,
        "url": "https://www.zeroscience.mk/codes/carelpco_dir.txt"
      },
      {
        "trust": 2.6,
        "url": "https://www.zeroscience.mk/en/vulnerabilities/zsl-2022-5709.php"
      },
      {
        "trust": 0.9,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2022-37122"
      },
      {
        "trust": 0.6,
        "url": "https://cxsecurity.com/cveshow/cve-2022-37122/"
      },
      {
        "trust": 0.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/230273"
      },
      {
        "trust": 0.1,
        "url": "https://cxsecurity.com/issue/wlb-2022070011"
      },
      {
        "trust": 0.1,
        "url": "https://www.exploit-db.com/exploits/50986"
      },
      {
        "trust": 0.1,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2022-37122"
      },
      {
        "trust": 0.1,
        "url": "https://www.tenable.com/cve/cve-2022-37122"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-433016"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-37122"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "db": "VULHUB",
        "id": "VHN-433016"
      },
      {
        "db": "VULMON",
        "id": "CVE-2022-37122"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      },
      {
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-06-30T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "date": "2022-08-31T00:00:00",
        "db": "VULHUB",
        "id": "VHN-433016"
      },
      {
        "date": "2022-08-31T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-37122"
      },
      {
        "date": "2023-10-03T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "date": "2022-08-31T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      },
      {
        "date": "2022-08-31T16:15:11.747000",
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2022-09-01T00:00:00",
        "db": "ZSL",
        "id": "ZSL-2022-5709"
      },
      {
        "date": "2022-09-08T00:00:00",
        "db": "VULHUB",
        "id": "VHN-433016"
      },
      {
        "date": "2022-08-31T00:00:00",
        "db": "VULMON",
        "id": "CVE-2022-37122"
      },
      {
        "date": "2023-10-03T08:08:00",
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      },
      {
        "date": "2022-09-09T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      },
      {
        "date": "2022-09-08T01:35:34.110000",
        "db": "NVD",
        "id": "CVE-2022-37122"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Path traversal vulnerability in multiple CAREL INDUSTRIES S.p.a. products",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2022-016301"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "path traversal",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-202208-4478"
      }
    ],
    "trust": 0.6
  }
}

CVE-2022-37122 (GCVE-0-2022-37122)
Vulnerability from cvelistv5
Published
2022-08-31 15:47
Modified
2024-08-03 10:21
Severity ?
CWE
  • n/a
Summary
Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the 'file' GET parameter to the 'logdownload.cgi' Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks. Note: this CNA record carries no CWE, CVSS or affected-product data ("n/a"); the CWE-22 classification and CVSS 3.1 score of 7.5 come from the NVD enrichment above.
Impacted products
Vendor Product Version
n/a n/a Version: n/a


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T10:21:33.235Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.zeroscience.mk/codes/carelpco_dir.txt"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://packetstormsecurity.com/files/167684/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the \u0027file\u0027 GET parameter through the \u0027logdownload.cgi\u0027 Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-08-31T15:47:57",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.zeroscience.mk/codes/carelpco_dir.txt"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://packetstormsecurity.com/files/167684/"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-37122",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed through the \u0027file\u0027 GET parameter through the \u0027logdownload.cgi\u0027 Bash script is not properly verified before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php",
              "refsource": "MISC",
              "url": "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5709.php"
            },
            {
              "name": "https://www.zeroscience.mk/codes/carelpco_dir.txt",
              "refsource": "MISC",
              "url": "https://www.zeroscience.mk/codes/carelpco_dir.txt"
            },
            {
              "name": "https://packetstormsecurity.com/files/167684/",
              "refsource": "MISC",
              "url": "https://packetstormsecurity.com/files/167684/"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-37122",
    "datePublished": "2022-08-31T15:47:57",
    "dateReserved": "2022-08-01T00:00:00",
    "dateUpdated": "2024-08-03T10:21:33.235Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}