Filtered by vendor Fujitsu
Subscriptions
Filtered by product Eternus Cs8000
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-31795 | 1 Fujitsu | 2 Eternus Cs8000, Eternus Cs8000 Firmware | 2024-11-21 | 9.8 Critical |
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-name (file) parameters and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. | ||||
CVE-2022-31794 | 1 Fujitsu | 2 Eternus Cs8000, Eternus Cs8000 Firmware | 2024-11-21 | 9.8 Critical |
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. |
Page 1 of 1.