CVE-2021-33884
MEDIUMBbraun Spacecom2 < 012u000062 - Unrestricted File Upload
Title source: ruleDescription
An Unrestricted Upload of File with Dangerous Type vulnerability in B. Braun SpaceCom2 prior to 012U000062 allows remote attackers to upload any files to the /tmp directory of the device through the webpage API. This can result in critical files being overwritten.
References (2)
Core 2
Core References
Broken Link x_refsource_misc
https://www.bbraunusa.com/en.htm
Exploit, Third Party Advisory x_refsource_misc
https://www.mcafee.com/blogs/enterprise/mcafee-enterprise-atr/mcafee-enterprise-atr-uncovers-vulnerabilities-in-globally-used-b-braun-infusion-pump/
Scores
CVSS v3
6.5
EPSS
0.0045
EPSS Percentile
63.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Details
CWE
CWE-434
Status
published
Products (1)
bbraun/spacecom2
< 012u000062
Published
Aug 25, 2021
Tracked Since
Feb 18, 2026