PT-2022-4007 · Digi · Digi Connectport X2E

Aarón Flecha · Published 2022-08-04 · Updated 2022-08-16 · CVE-2022-2634

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Digi ConnectPort X2D (affected versions not specified)

Description

The issue is related to errors in access control that allow a remote attacker to execute arbitrary code by uploading specially crafted Python files. The cause is a lack of device access protections and device permissions when using the web application, which could lead to malicious actions being executed.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration

Related Identifiers

BDU:2022-04840
CVE-2022-2634

Affected Products

Digi Connectport X2E