← back
CVE-2022-3575

Frauscher Sensortechnik Diagnostic System FDS102 for FAdC R2 and FAdCi R2 configuration upload vulnerability

CVSS 9.8 CRITICALEPSS 0.7%CWE-434
Vexday Risk Score
28Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 9.8EPSS 0.7%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
02 Nov 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Frauscher Sensortechnik GmbH FDS102 for FAdC R2 and FAdCi R2 v2.8.0 to v2.9.1 are vulnerable to malicious code upload without authentication by using the configuration upload function. This could lead to a complete compromise of the FDS102 device.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H