VYPR
Unrated severityNVD Advisory· Published Jul 20, 2022· Updated Jan 9, 2026

CVE-2022-29834

CVE-2022-29834

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, and Mitsubishi Electric Iconics Digital Solutions ICONICS Suite versions 10.97 to 10.97.1 allows a remote unauthenticated attacker to access to arbitrary files in the GENESIS64 server or ICONICS suite server and disclose information stored in the files by embedding a malicious URL parameter in the URL of the monitoring screen delivered to the GENESIS64 or ICONICS Suite mobile monitoring application and accessing the monitoring screen.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • Range: 10.97 to 10.97.1
  • Range: 10.97 to 10.97.1
  • Mitsubishi Electric/GENESIS64v5
    Range: Versions 10.97 to 10.97.1
  • Mitsubishi Electric Iconics Digital Solutions/GENESIS64v5
    Range: Versions 10.97 to 10.97.1
  • Mitsubishi Electric Iconics Digital Solutions/ICONICS Suitev5
    Range: Versions 10.97 to 10.97.1
  • Mitsubishi Electric/ICONICS Suitev5
    Range: Versions 10.97 to 10.97.1

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.