CVE-2022-2106

Elcomplus SmartICS v2.3.4.0 does not validate the filenames sufficiently, which enables authenticated administrator-level users to perform path traversal attacks and specify arbitrary files.
Source: NIST
CVE-2022-2106