CVE-2022-31483

Name of the Vulnerable Software and Affected Versions HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 versions prior to 1.271

Description The issue is related to incorrect restriction of directory path names, allowing an authenticated attacker to upload files with names including ".." and "/" to any location on the filesystem. This can enable a malicious actor to overwrite sensitive system files and install a startup service, gaining remote access to the underlying Linux operating system with root privileges. The vulnerability can be exploited by sending a specially crafted HTTP request.

Recommendations For versions prior to 1.271, update the firmware to version 1.271 or later to resolve the issue. As a temporary workaround, consider restricting access to file upload functionality until a patch is available. Avoid using the file upload feature with filenames including ".." and "/" until the issue is resolved.