
CVSS: 10.0 • EPSS: 0% • CPEs: 2 • EXPL: 0

Generex UPS CS141 versions below 2.06 could allow a remote attacker to upload a firmware file containing a webshell, which could allow the attacker to execute arbitrary code as root. • https://www.generex.de/support/changelogs/cs141/2-12 https://www.generex.de/support/changelogs/cs141/page:2 https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 8.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

Generex UPS CS141 versions below 2.06 could allow a remote attacker to upload a firmware file containing a file with modified permissions, allowing the attacker to escalate privileges. • https://www.generex.de/support/changelogs/cs141/2-12 https://www.generex.de/support/changelogs/cs141/page:2 https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141 • CWE-20: Improper Input Validation CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 9.1 • EPSS: 1% • CPEs: 2 • EXPL: 1

Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh). • https://github.com/hubertfarnsworth12/Generex-CS141-Authenticated-Remote-Command-Execution https://github.dev/hubertfarnsworth12/Generex-CS141-Authenticated-Remote-Command-Execution https://www.generex.de/products/ups https://www.generex.de/support/downloads/ups/cs141 https://www.generex.de/support/downloads/ups/cs141/update

CVSS: 6.5 • EPSS: 0% • CPEs: 4 • EXPL: 0

UPS Adapter CS141 before 1.90 allows Directory Traversal. An attacker with Admin or Engineer login credentials could exploit the vulnerability by manipulating variables that reference files, thereby gaining access to files and directories outside the web root folder. An attacker may access arbitrary files and directories stored in the file system, but the integrity of the files is not jeopardized, as the attacker has read access rights only. • https://library.e.abb.com/public/ee46f3ff5823400f991ebd9bd43a297e/2CMT2020-005913%20Security%20Advisory%20CS141.pdf https://www.generex.de/index.php?option=com_content&task=view&id=185&Itemid=249 https://www.generex.de/support/changelogs/cs141/page:2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')