Carrier LenelS2 HID Mercury access panels 操作系统命令注入漏洞

🗓️ 02 Jun 2022 00:00:00Reported by China National Vulnerability Database of Information SecurityType

cnnvd

cnnvd🔗 www.cnnvd.org.cn👁 1 Views

There is a remote command injection flaw in Carrier LenelS2 HID Mercury panels via crafted host name.

Reporter	Title	Published	Views	Family All 19
ATTACKERKB	CVE-2022-31479	2 Jun 202222:00	–	attackerkb
BDU FSTEC	The vulnerability of HID Mercury programmable logic controllers’ microprogramming software relates to a flaw in the data protection mechanism, allowing an attacker to execute arbitrary shell commands.	8 Jun 202200:00	–	bdu_fstec
Circl	CVE-2022-31479	7 Jun 202208:16	–	circl
CNVD	Carrier LenelS2 HID Mercury access panels protection mechanism failure vulnerability	5 Jun 202200:00	–	cnvd
CVE	CVE-2022-31479	6 Jun 202216:36	–	cve
Cvelist	CVE-2022-31479 Remote Code Execution via command injection of the hostname	6 Jun 202216:36	–	cvelist
EUVD	EUVD-2022-52939	3 Oct 202520:07	–	euvd
ICS	Carrier LenelS2 HID Mercury access panels	2 Jun 202200:00	–	ics
NVD	CVE-2022-31479	6 Jun 202217:15	–	nvd
OSV	CVE-2022-31479	6 Jun 202217:15	–	osv

Source	Link
corporate	www.corporate.carrier.com/product-security/advisories-resources/
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB2022060318
us-cert	www.us-cert.cisa.gov/ics/advisories/icsa-22-153-01
cxsecurity	www.cxsecurity.com/cveshow/CVE-2022-31479/

23 May 2026 00:00Current

6Medium risk

Vulners AI Score6

CVSS 3.19.6 - 9.8

CVSS 210

EPSS0.09071

carrier lenels2 command injection remote exploit host name shell commands mercury panels