High severity (7.5) · NVD Advisory · Published Nov 24, 2022 · Updated Jun 17, 2026
CVE-2022-40977
Description
A path traversal vulnerability was discovered in Pilz PASvisu Server before 1.12.0. An unauthenticated remote attacker could use a zipped, malicious configuration file to trigger arbitrary file writes ('zip-slip'). File writes do not affect confidentiality or availability.
Affected products
- Range: <1.12.0
- PILZ/PASvisu v5 Range: 1.0.0
- PILZ/PMI v5xx (265507 + 265512) v5 Range: 1.0.0
- PILZ/PMI v7xx (266704 + 266707) v5 Range: 1.0.0
- PILZ/PMI v8xx (266807, 266812, 266815) v5 Range: 1.0.0
References
- cert.vde.com/en/advisories/VDE-2022-033/ (nvd: Mitigation, Third Party Advisory)