CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-28815

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 the Sentilo Proxy server was discovered to contain a SQL injection vulnerability allowing an attacker to query other tables of the Sentilo service.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 23.0%

CVSS Severity

CVSS v3 Score 2.7

References

https://cert.vde.com/en/advisories/VDE-2022-029/
https://cert.vde.com/en/advisories/VDE-2022-029/

Products affected by CVE-2022-28815

Gavazziautomation » Cpy Car Park Server » Version: Any

cpe:2.3:a:gavazziautomation:cpy_car_park_server:*
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller » Version: N/A

cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-
Gavazziautomation » Uwp 3.0 Monitoring Gateway And Controller Firmware » Version: Any

cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-28815

Products

Pricing

Contact Us