Vulnerabilities > CVE-2022-47192 - Unspecified vulnerability in Generex Cs141 Firmware

CVSS 8.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

generex

NVD

Published: 2023-03-31

Updated: 2023-04-06

Summary

Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password.

Vulnerable Configurations

Part	Description	Count
OS	Generex Generex Cs141 Firmware - Generex Cs141 Firmware 1.90 Generex Cs141 Firmware 2.00 Generex Cs141 Firmware 2.02 Generex Cs141 Firmware 2.04	5
Hardware	Generex Generex Cs141 -	1

References

https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141
https://www.generex.de/support/changelogs/cs141/2-12
https://www.generex.de/support/changelogs/cs141/page:2