1 results (0.006 seconds)
CVSS: 9.1EPSS: 0%CPEs: 16EXPL: 0
CVSS: 9.1EPSS: 0%CPEs: 16EXPL: 0CVE-2022-28223
https://notcve.org/view.php?id=CVE-2022-28223
30 Mar 2022 — Tekon KIO devices through 2022-03-30 allow an authenticated admin user to escalate privileges to root by uploading a malicious Lua plugin. Los dispositivos KIO de Tekon versiones hasta 30-03-2022 permiten que un usuario administrador autenticado escale privilegios a root al cargar un plugin Lua malicioso • https://medium.com/%40bertinjoseb/post-auth-rce-based-in-malicious-lua-plugin-script-upload-scada-controllers-located-in-russia-57044425ac38 • CWE-434: Unrestricted Upload of File with Dangerous Type •