Lucene search

[email protected]CVE-2022-45551

HistoryMar 03, 2023 - 1:15 p.m.

CVE-2022-45551

2023-03-0313:15:10

CWE-306

[email protected]

web.nvd.nist.gov

cve-2022-45551

shenzhen zbt

we1626 router

21.06.18

privilege escalation

wget command

network diagnosis endpoint

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.1%

JSON

An issue discovered in Shenzhen Zhiboton Electronics ZBT WE1626 Router v 21.06.18 allows attackers to escalate privileges via WGET command to the Network Diagnosis endpoint.

Affected configurations

NVD

Node

zbtwe1626Match-

AND

zbtwe1626_firmwareMatch21.06.18

CPENameOperatorVersion
zbt:we1626_firmwarezbt we1626 firmwareeq21.06.18

CPE	Name	Operator	Version
zbt:we1626_firmware	zbt we1626 firmware	eq	21.06.18

References

shenzhen.com

zbt.com

blog.prodefense.io/zbt-we1626-wireless-router-cve-disclosures-b3534484d97d

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.1%

JSON

Related for CVE-2022-45551

nvd1 prion1 cvelist1