← Zuruck zu CVEs
CVE-2022-21143
HIGH7.5
Beschreibung
MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input on several locations, which may allow an attacker to inject arbitrary commands.
CVE Details
CVSS v3.1 Bewertung7.5
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht2/18/2022
Zuletzt geandert11/21/2024
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
airspan:a5xairspan:a5x_firmwareairspan:c5cairspan:c5c_firmwareairspan:c5xairspan:c5x_firmwareairspan:c6xairspan:c6x_firmwareairspan:mimosa_management_platform
Schwachen (CWE)
CWE-78CWE-78
Referenzen
https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02(ics-cert@hq.dhs.gov)
https://www.cisa.gov/uscert/ics/advisories/icsa-22-034-02(af854a3a-2127-422b-91ae-364da2661108)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.