Improper Input Validation vulnerability in PC Worx Automation Suite of Phoenix Contact up to version 1.88 could allow an attacker with a manipulated project file to unpack arbitrary files outside of the selected project directory.

Related CVEs

CVE-2021-34597

Key Information

GHSA ID

GHSA-m8p2-4fmh-2gr9

Published

May 24, 2022 7:19 PM

Last Modified

May 24, 2022 7:19 PM

CVSS Score

7.5 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: July 1, 2025 6:26 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.