VYPR
Unrated severityNVD Advisory· Published Jun 13, 2022· Updated Nov 20, 2024

FESTO: CECC-X-M1 and Servo Press Kit YJKP OS Command Injection vulnerability

CVE-2022-30310

Description

In Festo Controller CECC-X-M1 product family in multiple versions, the http-endpoint "cecc-x-acknerr-request" POST request doesn’t check for port syntax. This can result in unauthorized execution of system commands with root privileges due to improper access control command injection.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.