all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) Remote Root

Add to bookmarks
July 21, 2022, 8:34 p.m. |

Packet Storm packetstormsecurity.com

Schneider Electric SpaceLogic C-Bus Home Controller (5200WHC2) versions 1.31.460 and below suffer from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands as the root user via the name GET parameter in delsnap.pl Perl/CGI script which is used for deleting snapshots taken from the webcam.

home root schneider schneider electric

Visit resource

More from packetstormsecurity.com / Packet Storm

Nmap Port Scanner 7.95 14 hours ago | packetstormsecurity.com
bypassing cases connect etc +21
Debian Security Advisory 5673-1 14 hours ago | packetstormsecurity.com
advisory application arbitrary code buffer +21
Ubuntu Security Notice USN-6746-1 14 hours ago | packetstormsecurity.com
agent attacker config denial of service +10
FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution 14 hours ago | packetstormsecurity.com
code code execution endpoint endpoint management +16
Suricata IDPE 7.0.5 14 hours ago | packetstormsecurity.com
a network detection engine foundation +17
Debian Security Advisory 5672-1 14 hours ago | packetstormsecurity.com
advisory debian debian linux security denial of service +14
GitLens Git Local Configuration Execution 14 hours ago | packetstormsecurity.com
arbitrary code code config configuration +15
Ubuntu Security Notice USN-6728-3 14 hours ago | packetstormsecurity.com
crash cve disabled environments +11
Ubuntu Security Notice USN-6743-2 14 hours ago | packetstormsecurity.com
attacker compromise kernel linux +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Director, Data Security Lead

@ Mastercard | London, England (Angel Lane)
View on infosec-jobs.com

Security Officer L1

@ NTT DATA | Texas, United States of America
View on infosec-jobs.com

Sr. Staff Application Security Engineer

@ Aurora Innovation | Seattle, WA
View on infosec-jobs.com

Senior Penetration Testing Engineer

@ WPP | Chennai
View on infosec-jobs.com

Cyber Security - Senior Software Developer in Test

@ BlackBerry | Bengaluru, Residency Road
View on infosec-jobs.com
View more jobs