A file write vulnerability exists in the OAS Engine...
Critical severity
Unreviewed
Published
May 26, 2022
to the GitHub Advisory Database
•
Updated Jan 30, 2023
Description
Published by the National Vulnerability Database
May 25, 2022
Published to the GitHub Advisory Database
May 26, 2022
Last updated
Jan 30, 2023
A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.
References