CVE-2022-45699

Published February 10th, 2023

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote unauthenticated attacker to execute arbitrary commands as root using the timezone parameter.

0xst4n/APSystems-ECU-R-RCE-TimezoneUNAVAILABLE

CVE-2022-45699 - APSystems ECU-R is vulnerable to command injection in the timezone field

GitHub