{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T02:56:02.048","vulnerabilities":[{"cve":{"id":"CVE-2022-22525","sourceIdentifier":"info@cert.vde.com","published":"2022-09-28T14:15:10.187","lastModified":"2024-11-21T06:46:57.463","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 an remote attacker with admin rights could execute arbitrary commands due to missing input sanitization in the backup restore function"},{"lang":"es","value":"En Carlo Gavazzi UWP versión 3.0 en múltiples versiones y CPY Car Park Server en versión 2.8.3, un atacante remoto con derechos de administrador podría ejecutar comandos arbitrarios debido a una falta de saneo de entrada en la función backup restore"}],"metrics":{"cvssMetricV31":[{"source":"info@cert.vde.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}]},"weaknesses":[{"source":"info@cert.vde.com","type":"Secondary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:gavazziautomation:cpy_car_park_server:*:*:*:*:*:*:*:*","versionEndExcluding":"2.8.3","matchCriteriaId":"6E670508-7A94-4A01-9C2B-51E82D5A861F"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"8.5.0.3","matchCriteriaId":"14B2D9AB-2D19-4AD6-A049-CDB6814CC8D0"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:*:*:*:*:*:*","matchCriteriaId":"90DBF492-5F3A-4F53-ACFC-59F89470D632"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:edp:*:*:*:*:*","versionEndExcluding":"8.5.0.3","matchCriteriaId":"5BFC1445-995C-44F7-BE85-E0C1D462573E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:edp:*:*:*:*:*","matchCriteriaId":"C7900CB8-560F-4DD7-82B9-8226A8F5F5CC"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller_firmware:*:*:security_enhanced:*:*:*:*:*","versionEndExcluding":"8.5.0.3","matchCriteriaId":"F6584CB1-FA0B-468D-AA58-F2D2F33763AA"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:gavazziautomation:uwp_3.0_monitoring_gateway_and_controller:-:*:security_enhanced:*:*:*:*:*","matchCriteriaId":"B29F6465-3533-4B50-B436-4DC4E6F1B361"}]}]}],"references":[{"url":"https://cert.vde.com/en/advisories/VDE-2022-029/","source":"info@cert.vde.com","tags":["Third Party Advisory"]},{"url":"https://cert.vde.com/en/advisories/VDE-2022-029/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}