CVE-2022-47917
MEDIUMSewio RTLS Studio 2.0.0-2.6.2 - Arbitrary File Deletion & DoS via Input Validation
Title source: llmDescription
Sewio’s Real-Time Location System (RTLS) Studio version 2.0.0 up to and including version 2.6.2 is vulnerable to improper input validation of user input to several modules and services of the software. This could allow an attacker to delete arbitrary files and cause a denial-of-service condition.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-01
Scores
CVSS v3
6.8
EPSS
0.0068
EPSS Percentile
47.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-20
Status
published
Products (1)
sewio/real-time_location_system_studio
2.0.0 - 2.6.2
Published
Jan 18, 2023
Tracked Since
Feb 18, 2026