Lucene search

[email protected]CVE-2022-36779

HistorySep 13, 2022 - 3:15 p.m.

CVE-2022-36779

2022-09-1315:15:00

CWE-78

[email protected]

web.nvd.nist.gov

cve-2022-36779

unauthenticated os command injection

industrial cellular router

gps

proscend

advice icr 111wg

nvd

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.3%

JSON

PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301

CPENameOperatorVersion
proscend:m330-w_firmwareproscend m330-w firmwarelt1.11
proscend:m330-w5_firmwareproscend m330-w5 firmwarelt1.11
proscend:m350-5g_firmwareproscend m350-5g firmwarelt1.02
proscend:m350-w5g_firmwareproscend m350-w5g firmwarelt1.02
proscend:m350-6_firmwareproscend m350-6 firmwarelt1.02
proscend:m350-w6_firmwareproscend m350-w6 firmwarelt1.02
proscend:m301-g_firmwareproscend m301-g firmwarelt2.20
proscend:m301-gw_firmwareproscend m301-gw firmwarelt2.20
advice:icr_111wg_firmwareadvice icr 111wg firmwarelt1.11

CPE	Name	Operator	Version
proscend:m330-w_firmware	proscend m330-w firmware	lt	1.11
proscend:m330-w5_firmware	proscend m330-w5 firmware	lt	1.11
proscend:m350-5g_firmware	proscend m350-5g firmware	lt	1.02
proscend:m350-w5g_firmware	proscend m350-w5g firmware	lt	1.02
proscend:m350-6_firmware	proscend m350-6 firmware	lt	1.02
proscend:m350-w6_firmware	proscend m350-w6 firmware	lt	1.02
proscend:m301-g_firmware	proscend m301-g firmware	lt	2.20
proscend:m301-gw_firmware	proscend m301-gw firmware	lt	2.20
advice:icr_111wg_firmware	advice icr 111wg firmware	lt	1.11

References

www.gov.il/en/departments/faq/cve_advisories

Social References

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

51.3%

JSON

Related for CVE-2022-36779

githubexploit1 prion1 jvn1 cvelist1