CVE-2022-22986
Severity Score
8.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file.
Las series Netcommunity OG410X y OG810X (firmware Netcommunity OG410Xa, OG410Xi, OG810Xa y OG810Xi Versiones 2.28 y anteriores) permiten a un atacante en la red adyacente ejecutar un comando de Sistema Operativo arbitrario por medio de un archivo de configuraciĆ³n especialmente diseƱado
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-02-02 CVE Reserved
- 2022-03-31 CVE Published
- 2024-08-03 CVE Updated
- 2024-11-04 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (3)
| URL | Tag | Source |
|---|---|---|
| https://jvn.jp/en/vu/JVNVU94900322/index.html | Third Party Advisory |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://business.ntt-east.co.jp/topics/2022/03_22.html | 2022-04-08 | |
| https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html | 2022-04-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ntt-east Search vendor "Ntt-east" | Og410xa Firmware Search vendor "Ntt-east" for product "Og410xa Firmware" | <= 2.28 Search vendor "Ntt-east" for product "Og410xa Firmware" and version " <= 2.28" | - |
Affected
| in | Ntt-east Search vendor "Ntt-east" | Og410xa Search vendor "Ntt-east" for product "Og410xa" | - | - |
Safe
|
| Ntt-east Search vendor "Ntt-east" | Og410xi Firmware Search vendor "Ntt-east" for product "Og410xi Firmware" | <= 2.28 Search vendor "Ntt-east" for product "Og410xi Firmware" and version " <= 2.28" | - |
Affected
| in | Ntt-east Search vendor "Ntt-east" | Og410xi Search vendor "Ntt-east" for product "Og410xi" | - | - |
Safe
|
| Ntt-east Search vendor "Ntt-east" | Og810xa Firmware Search vendor "Ntt-east" for product "Og810xa Firmware" | <= 2.28 Search vendor "Ntt-east" for product "Og810xa Firmware" and version " <= 2.28" | - |
Affected
| in | Ntt-east Search vendor "Ntt-east" | Og810xa Search vendor "Ntt-east" for product "Og810xa" | - | - |
Safe
|
| Ntt-east Search vendor "Ntt-east" | Og810xi Firmware Search vendor "Ntt-east" for product "Og810xi Firmware" | <= 2.28 Search vendor "Ntt-east" for product "Og810xi Firmware" and version " <= 2.28" | - |
Affected
| in | Ntt-east Search vendor "Ntt-east" | Og810xi Search vendor "Ntt-east" for product "Og810xi" | - | - |
Safe
|