CVE-2018-14802

Name of the Vulnerable Software and Affected Versions Fuji Electric FRENIC LOADER version 3.3 Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Mini (C1) Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Mini (C2) Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Eco Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Multi Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-MEGA Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Ace

Description The issue arises from the program's failure to properly check user-supplied comments, potentially allowing for arbitrary remote code execution.

Recommendations For Fuji Electric FRENIC LOADER version 3.3, update to a version that properly checks user-supplied comments to prevent arbitrary remote code execution. For Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Mini (C1), restrict user input to prevent exploitation until a patch is available. For Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Mini (C2), restrict user input to prevent exploitation until a patch is available. For Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Eco, restrict user input to prevent exploitation until a patch is available. For Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Multi, restrict user input to prevent exploitation until a patch is available. For Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-MEGA, restrict user input to prevent exploitation until a patch is available. For Fuji Electric FRENIC LOADER version 7.3.4.1a of FRENIC-Ace, restrict user input to prevent exploitation until a patch is available.