MEDIUM🇬🇧 English

CVE-2024-22178

CVSS 4.9v3.1pub. 2024-04-03upd. 2025-11-04

A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
  • Openautomationsoftware Open Automation Software

    APP
    Openautomationsoftware
    19.0.0.57
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2024-11220HIGH8.5ten sam produkt

A local low-level user on the server machine with credentials to the running OAS services can create and execu...

CVE-2024-21870MEDIUM4.9ten sam produkt

A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Softwa...

CVE-2024-24976MEDIUM4.9ten sam produkt

A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Ope...

CVE-2024-27201MEDIUM4.9ten sam produkt

An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open A...

CVE-2022-26082CRITICAL9.1ten sam vendor

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Softw...