Vulnerabilities (CVE)

Filtered by vendor Belden Subscribe
Filtered by product Hirschmann Bat-c2
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40282 1 Belden 2 Hirschmann Bat-c2, Hirschmann Bat-c2 Firmware 2024-02-28 N/A 8.8 HIGH
The web server of Hirschmann BAT-C2 before 09.13.01.00R04 allows authenticated command injection. This allows an authenticated attacker to pass commands to the shell of the system because the dir parameter of the FsCreateDir Ajax function is not sufficiently sanitized. The vendor's ID is BSECV-2022-21.