Smartics

smartics

Vendor: Smartics • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-2140 1Smartics 1Smartics Nov 21, 2024 Jun 27, 2022 N/A· v4 9.0 CRITICAL· v3 6.0 MEDIUM· v2 Elcomplus SmartICS v2.3.4.0 does not neutralize user-controllable input, which allows an authenticated user to inject arbitrary code into specific parameters.
CVE-2022-2106 1Smartics 1Smartics Nov 21, 2024 Jun 27, 2022 N/A· v4 2.7 LOW· v3 4.0 MEDIUM· v2 Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.
CVE-2022-2088 1Smartics 1Smartics Nov 21, 2024 Jun 27, 2022 N/A· v4 4.9 MEDIUM· v3 6.8 MEDIUM· v2 An authenticated user with admin privileges may be able to terminate any process on the system running Elcomplus SmartICS v2.3.4.0.