PT-2022-19255 · Cpy+1 · Cpy Car Park Server+1

Vera Mens

Published

2022-09-28

Updated

2022-10-07

CVE-2022-28815

CVSS v3.1

2.7

Low

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Carlo Gavazzi UWP3.0 versions (affected versions not specified) CPY Car Park Server version 2.8.3

Description The Sentilo Proxy server in the affected software contains a SQL injection issue, allowing an attacker to query other tables of the Sentilo service.

Recommendations For Carlo Gavazzi UWP3.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For CPY Car Park Server version 2.8.3, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-89

Related Identifiers

CVE-2022-28815

Affected Products

Cpy Car Park Server

Carlo Gavazzi Uwp3.0

PT-2022-19255 · Cpy+1 · Cpy Car Park Server+1

CVE-2022-28815

Weakness Enumeration

Related Identifiers

Affected Products

References · 4