CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-22524

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an unauthenticated remote attacker could utilize a SQL-Injection vulnerability to gain full database access, modify users and stop services .

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.5%

CVSS Severity

CVSS v3 Score 9.4

References

https://cert.vde.com/en/advisories/VDE-2022-029/
https://cert.vde.com/en/advisories/VDE-2022-029/

Products affected by CVE-2022-22524

Gavazziautomation » Cpy Car Park Server » Version: Any

cpe:2.3:a:gavazziautomation:cpy_car_park_server:*
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller » Version: N/A

cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller Firmware » Version: Any

cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-22524

Products

Pricing

Contact Us