Vulnerability CVE-2022-40976


Published: 2022-11-24

Description:
A path traversal vulnerability was discovered in multiple Pilz products. An unauthenticated local attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip').

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

 References:
https://cert.vde.com/en/advisories/VDE-2022-044/
https://cert.vde.com/en/advisories/VDE-2022-045/

Copyright 2022, cxsecurity.com

 

Back to Top