Smartics: >> Smartics >> 2.3.4.0 Security Vulnerabilities
An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0.
CVSS Score
6.8
EPSS Score
0.001
Published
2022-06-27
Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.
CVSS Score
3.8
EPSS Score
0.002
Published
2022-06-27
Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters.
CVSS Score
8.8
EPSS Score
0.003
Published
2022-06-27