CVEs-PoC/2022/CVE-2022-2006.md

### [CVE-2022-2006](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2006)
![](https://img.shields.io/static/v1?label=Product&message=C-more%20EA9&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=EA9-T6CL%3C%206.73%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-427%20Uncontrolled%20Search%20Path%20Element&color=brighgreen)

### Description

AutomationDirect DirectLOGIC has a DLL vulnerability in the install directory that may allow an attacker to execute code during the installation process. This issue affects: AutomationDirect C-more EA9 EA9-T6CL versions prior to 6.73; EA9-T6CL-R versions prior to 6.73; EA9-T7CL versions prior to 6.73; EA9-T7CL-R versions prior to 6.73; EA9-T8CL versions prior to 6.73; EA9-T10CL versions prior to 6.73; EA9-T10WCL versions prior to 6.73; EA9-T12CL versions prior to 6.73; EA9-T15CL versions prior to 6.73; EA9-RHMI versions prior to 6.73; EA9-PGMSW versions prior to 6.73;

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/Live-Hack-CVE/CVE-2022-2006