Smartics: >> Smartics Security Vulnerabilities
An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0.
CVSS Score
6.8
EPSS Score
0.001
Published
2022-06-27
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.
CVSS Score
3.8
EPSS Score
0.002
Published
2022-06-27
Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-06-27