CVE-2022-36126

Published July 16th, 2022

View on NVD ↗

CVSS v3

7.2

HIGH

CVSS v2

N/A

Affected

PROJECT

Description

An issue was discovered in Inductive Automation Ignition before 7.9.20 and 8.x before 8.1.17. The ScriptInvoke function allows remote attackers to execute arbitrary code by supplying a Python script.

sourceincite/randy

A pre-authenticated RCE exploit for Inductive Automation Ignition

GitHub