Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in flow computer and remote controller products of ABB ( RMC-100 (Standard), RMC-100-LITE, XIO, XFCG5 , XRCG5 , uFLOG5 , UDC) allows an attacker who successfully exploited this vulnerability could insert and run arbitrary code in an affected system node.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
abb rmc-100_firmware |
||
abb rmc-100-lite_firmware |
||
abb xio_firmware |
||
abb xfcg5_firmware |
||
abb xrcg5_firmware |
||
abb uflog5_firmware |
||
abb udc_firmware |