CVE-2022-2102

Name of the Vulnerable Software and Affected Versions SEPCOS Single Package (affected versions not specified)

Description The issue is related to the bypassing of controls that limit uploads to certain file extensions. This could allow an attacker to intercept and modify the initial file upload page response, enabling arbitrary file upload into locations where PHP scripts may be executed. The vulnerability may also be related to the incorrect implementation of the sequence of actions in the SEPCOS Single Package firmware upload handler, potentially allowing a remote attacker to upload arbitrary files.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.