TROYANOSYVIRUS
Voltar para CVEs

CVE-2022-3086

HIGH
7.1

Descricao

Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may allow an attacker to execute arbitrary code.

Detalhes CVE

Pontuacao CVSS v3.17.1
SeveridadeHIGH
Vetor CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Vetor de ataqueLOCAL
ComplexidadeLOW
Privilegios necessariosLOW
Interacao do usuarioNONE
Publicado12/2/2022
Ultima modificacao11/21/2024
Fontenvd
Avistamentos honeypot0

Produtos afetados

moxa:uc-2101-lxmoxa:uc-2101-lx_firmwaremoxa:uc-2102-lxmoxa:uc-2102-lx_firmwaremoxa:uc-2104-lxmoxa:uc-2104-lx_firmwaremoxa:uc-2111-lxmoxa:uc-2111-lx_firmwaremoxa:uc-2112-lxmoxa:uc-2112-lx_firmwaremoxa:uc-2114-t-lxmoxa:uc-2114-t-lx_firmwaremoxa:uc-2116-t-lxmoxa:uc-2116-t-lx_firmwaremoxa:uc-3101-t-ap-lxmoxa:uc-3101-t-ap-lx_firmwaremoxa:uc-3101-t-eu-lxmoxa:uc-3101-t-eu-lx_firmwaremoxa:uc-3101-t-us-lxmoxa:uc-3101-t-us-lx_firmwaremoxa:uc-3111-t-ap-lxmoxa:uc-3111-t-ap-lx-nwmoxa:uc-3111-t-ap-lx-nw_firmwaremoxa:uc-3111-t-ap-lx_firmwaremoxa:uc-3111-t-eu-lxmoxa:uc-3111-t-eu-lx-nwmoxa:uc-3111-t-eu-lx-nw_firmwaremoxa:uc-3111-t-eu-lx_firmwaremoxa:uc-3111-t-us-lxmoxa:uc-3111-t-us-lx-nwmoxa:uc-3111-t-us-lx-nw_firmwaremoxa:uc-3111-t-us-lx_firmwaremoxa:uc-3121-t-ap-lxmoxa:uc-3121-t-ap-lx_firmwaremoxa:uc-3121-t-eu-lxmoxa:uc-3121-t-eu-lx_firmwaremoxa:uc-3121-t-us-lxmoxa:uc-3121-t-us-lx_firmwaremoxa:uc-5101-lxmoxa:uc-5101-lx_firmwaremoxa:uc-5101-t-lxmoxa:uc-5101-t-lx_firmwaremoxa:uc-5102-lxmoxa:uc-5102-lx_firmwaremoxa:uc-5102-t-lxmoxa:uc-5102-t-lx_firmwaremoxa:uc-5111-lxmoxa:uc-5111-lx_firmwaremoxa:uc-5111-t-lxmoxa:uc-5111-t-lx_firmwaremoxa:uc-5112-lxmoxa:uc-5112-lx_firmwaremoxa:uc-5112-t-lxmoxa:uc-5112-t-lx_firmwaremoxa:uc-8112-lxmoxa:uc-8112-lx_firmwaremoxa:uc-8112a-me-t-lxmoxa:uc-8112a-me-t-lx_firmwaremoxa:uc-8131-lxmoxa:uc-8131-lx_firmwaremoxa:uc-8132-lxmoxa:uc-8132-lx_firmwaremoxa:uc-8162-lxmoxa:uc-8162-lx_firmwaremoxa:uc-8210-t-lx-smoxa:uc-8210-t-lx-s_firmwaremoxa:uc-8220-t-lxmoxa:uc-8220-t-lx-ap-smoxa:uc-8220-t-lx-ap-s_firmwaremoxa:uc-8220-t-lx-eu-smoxa:uc-8220-t-lx-eu-s_firmwaremoxa:uc-8220-t-lx-us-smoxa:uc-8220-t-lx-us-s_firmwaremoxa:uc-8220-t-lx_firmwaremoxa:uc-8410a-lxmoxa:uc-8410a-lx_firmwaremoxa:uc-8410a-nw-lxmoxa:uc-8410a-nw-lx_firmwaremoxa:uc-8410a-nw-t-lxmoxa:uc-8410a-nw-t-lx_firmwaremoxa:uc-8410a-t-lxmoxa:uc-8410a-t-lx_firmwaremoxa:uc-8540-lxmoxa:uc-8540-lx_firmwaremoxa:uc-8540-t-ct-lxmoxa:uc-8540-t-ct-lx_firmwaremoxa:uc-8540-t-lxmoxa:uc-8540-t-lx_firmwaremoxa:uc-8580-lxmoxa:uc-8580-lx_firmwaremoxa:uc-8580-q-lxmoxa:uc-8580-q-lx_firmwaremoxa:uc-8580-t-ct-lxmoxa:uc-8580-t-ct-lx_firmwaremoxa:uc-8580-t-ct-q-lxmoxa:uc-8580-t-ct-q-lx_firmwaremoxa:uc-8580-t-lxmoxa:uc-8580-t-lx_firmwaremoxa:uc-8580-t-q-lxmoxa:uc-8580-t-q-lx_firmware

Fraquezas (CWE)

CWE-77

Referencias

https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-02(ics-cert@hq.dhs.gov)
https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-02(af854a3a-2127-422b-91ae-364da2661108)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.