Name of the Vulnerable Software and Affected Versions EKRASMS-SP terminal software (affected versions not specified)

Description The issue exists due to insufficient filtering of characters in file paths in the Modbus protocol implementation of the "Сервер связи" software. This could allow a remote attacker to execute arbitrary commands by creating a fake service that mimics certain Modbus/TCP protocol functions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.