CVE-2022-4636 Information

Description

Black Box KVM Firmware version 3.4.31307 on models ACR1000A-R-R2 ACR1000A-T-R2 ACR1002A-T ACR1002A-R and ACR1020A-T is vulnerable to path traversal which may allow an attacker to steal user credentials and other sensitive information through local file inclusion.

Reference

https://www.cisa.gov/uscert/ics/advisories/icsa-23-010-01