Vulnerability CVE-2022-40977


Published: 2022-11-24

Description:
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated remote attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip').

Type:

CWE-22

(Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'))

 References:
https://cert.vde.com/en/advisories/VDE-2022-033/

Copyright 2022, cxsecurity.com

 

Back to Top