CVE-2022-2893 Information

Description

RONDS EPM version 1.19.5 does not properly validate the filename parameter which could allow an unauthorized user to specify file paths and download files.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-23-012-02