CVE-2022-28113

An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:fantec:mwid25-ds_firmware:2.000.030:*:*:*:*:*:*:*
cpe:2.3:h:fantec:mwid25-ds:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-04-15 19:15

Updated : 2024-02-28 19:09


NVD link : CVE-2022-28113

Mitre link : CVE-2022-28113

CVE.ORG link : CVE-2022-28113


JSON object : View

Products Affected

fantec

  • mwid25-ds
  • mwid25-ds_firmware
CWE
CWE-565

Reliance on Cookies without Validation and Integrity Checking