CVE-2022-48217

HIGH Year: 2022
CVSS v3 Score
8.1
High
Weakness Type
CWE-75
View all →

Vulnerability Description

The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled old_tf_topic_name and/or new_tf_topic_name parameter. NOTE: the vendor's position is "it is the responsibility of the programmer to make sure that only known and required parameters are set and unexpected parameters are not."

Related Vulnerabilities

CVE-2023-0302

HIGH
CVSS:8.6(High)

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) in GitHub repository radareorg/radare2 prior to 5.8.2.

CWE-752023

CVE-2024-0801

HIGH
CVSS:7.5(High)

A denial of service vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in ASNative.dll.

CWE-752024

CVE-2024-24257

HIGH
CVSS:7.5(High)

An issue in skteco.com Central Control Attendance Machine web management platform v.3.0 allows an attacker to obtain sensitive information via a crafted script to the csl/user component.

CWE-752024

CVE-2021-39174

HIGH
CVSS:8.8(High)

Cachet is an open source status page system. Prior to version 2.5.1, authenticated users, regardless of their privileges (User or Admin), can leak the value of any configuration entry of the dotenv fi...

CWE-752021

CVE-2023-23912

HIGH
CVSS:8.8(High)

A vulnerability, found in EdgeRouters Version 2.0.9-hotfix.5 and earlier and UniFi Security Gateways (USG) Version 4.4.56 and earlier with their DHCPv6 prefix delegation set to dhcpv6-stateless or dhc...

CWE-752023

CVE-2023-27533

HIGH
CVSS:8.8(High)

A vulnerability in input validation exists in curl <8.0 during communication using the TELNET protocol may allow an attacker to pass on maliciously crafted user name and "telnet options" during server...

CWE-752023