CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-28811

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote, unauthenticated attacker could utilize an improper input validation on an API-submitted parameter to execute arbitrary OS commands.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.6%

CVSS Severity

CVSS v3 Score 9.8

References

https://cert.vde.com/en/advisories/VDE-2022-029/
https://cert.vde.com/en/advisories/VDE-2022-029/

Products affected by CVE-2022-28811

Gavazziautomation » Cpy Car Park Server » Version: Any

cpe:2.3:a:gavazziautomation:cpy_car_park_server:*
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller » Version: N/A

cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller Firmware » Version: Any

cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28811

Products

Pricing

Contact Us