What is the severity of CVE-2022-29834?

The severity of CVE-2022-29834 is high with a CVSS score of 7.5.

How does CVE-2022-29834 impact ICONICS GENESIS64?

CVE-2022-29834 allows a remote unauthenticated attacker to access arbitrary files in the GENESIS64 server and disclose sensitive information.

How can I fix CVE-2022-29834 in ICONICS GENESIS64?

To fix CVE-2022-29834 in ICONICS GENESIS64, it is recommended to apply the necessary security patches provided by ICONICS or upgrade to a non-vulnerable version.

Where can I find more information about CVE-2022-29834?

You can find more information about CVE-2022-29834 in the following references: [https://jvn.jp/vu/JVNVU96480474/index.html](https://jvn.jp/vu/JVNVU96480474/index.html) and [https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf](https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf)

Vulnerability/
CVE-2022-29834

high

7.5

CWE

20/7/2022

3/8/2024

CVE-2022-29834: Path Traversal

First published: Wed Jul 20 2022(Updated: )

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS GENESIS64 versions 10.97 to 10.97.1 allows a remote unauthenticated attacker to access to arbitrary files in the GENESIS64 server and disclose information stored in the files by embedding a malicious URL parameter in the URL of the monitoring screen delivered to the GENESIS64 mobile monitoring application and accessing the monitoring screen.

Credit: Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Affected Software	Affected Version	How to fix
ICONICS GENESIS64	=10.97
ICONICS GENESIS64	=10.97.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID CVE-2022-29834?
The vulnerability ID CVE-2022-29834 refers to an 'Improper Limitation of a Pathname to a Restricted Directory (Path Traversal)' vulnerability in ICONICS GENESIS64 versions 10.97 to 10.97.1.
What is the severity of CVE-2022-29834?
The severity of CVE-2022-29834 is high with a CVSS score of 7.5.
How does CVE-2022-29834 impact ICONICS GENESIS64?
CVE-2022-29834 allows a remote unauthenticated attacker to access arbitrary files in the GENESIS64 server and disclose sensitive information.
How can I fix CVE-2022-29834 in ICONICS GENESIS64?
To fix CVE-2022-29834 in ICONICS GENESIS64, it is recommended to apply the necessary security patches provided by ICONICS or upgrade to a non-vulnerable version.
Where can I find more information about CVE-2022-29834?
You can find more information about CVE-2022-29834 in the following references: [https://jvn.jp/vu/JVNVU96480474/index.html](https://jvn.jp/vu/JVNVU96480474/index.html) and [https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf](https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-008_en.pdf)

collector/nvd-index
agent/severity
agent/references
agent/author
agent/tags
agent/type
agent/event
agent/weakness
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/iconics
canonical/iconics genesis64
version/iconics genesis64/10.97
version/iconics genesis64/10.97.1

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.