Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Phoenix Contact: PC Worx/-Express prone to improper input validation vulnerability
Vulnerability Description
Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vulnerability Type
输入验证不恰当
Vulnerability Title
Phoenix Contact Automation Worx Software Suite 输入验证错误漏洞
Vulnerability Description
Phoenix Contact Automation Worx Software Suite是德国菲尼克斯电气(Phoenix Contact)公司的一套自动化Worx软件套件。 Phoenix Contact 的 PC Worx Automation Suite 存在输入验证错误漏洞,该漏洞源于1.88 版本中存在不正确的输入验证漏洞。攻击者可利用该漏洞导致被操纵的项目文件将任意文件解压缩到所选项目目录之外。
CVSS Information
N/A
Vulnerability Type
N/A