cve/2022/CVE-2022-42892.md

CVE-2022-42892

Description

A vulnerability has been identified in syngo Dynamics (All versions < VA40G HF01). syngo Dynamics application server hosts a web service using an operation with improper write access control that could allow directory listing in any folder accessible to the account assigned to the website’s application pool.

POC

Reference

• https://www.siemens-healthineers.com/en-us/support-documentation/cybersecurity/shsa-741697

Github

No PoCs found on GitHub currently.