Fujitsu Eternus Cs8000 Firmware vulnerabilities
2 known vulnerabilities affecting fujitsu/eternus_cs8000_firmware.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2022-31795P2CRITICALCVSS 9.8fixed in 8.1v8.12022-06-20
CVE-2022-31795 [CRITICAL] CWE-78 CVE-2022-31795: An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A S
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-name (file) parameters and inject special characters such as semicolons, backticks, or command-su
nvd
CVE-2022-31794P2CRITICALCVSS 9.8fixed in 8.1v8.12022-06-20
CVE-2022-31794 [CRITICAL] CWE-78 CVE-2022-31794: An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A S
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to
nvd