CVE-2022-37122

HIGH NUCLEI

Carel Pcoweb Card Firmware < b.2.1.0 - Path Traversal

Title source: rule

Description

Carel pCOWeb HVAC BACnet Gateway 2.1.0, Firmware: A2.1.0 - B2.1.0, Application Software: 2.15.4A Software v16 13020200 suffers from an unauthenticated arbitrary file disclosure vulnerability. Input passed via the 'file' GET parameter to the 'logdownload.cgi' Bash script is not properly validated before being used to download log files. This can be exploited to disclose the contents of arbitrary and sensitive files via directory traversal attacks.

Exploits (1)

nomisec SCANNER 10 stars
by bughuntar · poc
https://github.com/bughuntar/CVE-2022-37122-Exploit

Nuclei Templates (1)

Carel pCOWeb HVAC BACnet Gateway 2.1.0 - Path Traversal
HIGH by gy741

Scores

CVSS v3 7.5
EPSS 0.7093
EPSS Percentile 98.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (4)
carel/applica 2.154a
carel/applica 16_13020200
carel/pcoweb_card_firmware a2.1.0 - b.2.1.0
carel/pcoweb_hvac_bacnet_gateway 2.1.0
Published Aug 31, 2022
Tracked Since Feb 18, 2026