Threat Encyclopedia

Open.Automation.OAS.SecureTransferFiles.Arbitrary.File.Write

description-logoDescription

This indicates an attack attempt to exploit an Arbitrary File Write Vulnerability in Open Automation Software platform.
This vulnerability is due to the SecureTransferFiles command allowing a non-privileged user to upload a file. An authenticated, remote user can exploit this vulnerability by sending crafted requests to the target platform. Successful exploitation could result in the writing of an arbitrary file, which may be used to facilitate the execution of arbitrary code.

affected-products-logoAffected Products

Open Automation Software OAS Platform V16.00.0112

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://openautomationsoftware.com/downloads/

CVE References

CVE-2022-26082

Telemetry logoTelemetry