Lucene search
IcscertCVELIST:CVE-2022-1362HistoryMay 17, 2022 - 8:19 p.m.
CVE-2022-1362 Cambium Networks cnMaestro OS Command Injection
2022-05-1720:19:35
CWE-78
icscert
www.cve.org
1
cve-2022-1362
cambium networks
on-premise
cnmaestro
command injection
vulnerability
arbitrary commands
CVSS3
5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0
Percentile
12.7%
The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server.
CNA Affected
[
{
"product": "cnMaestro",
"vendor": "Cambium Networks",
"versions": [
{
"lessThan": "3.0.3-r32",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "2.4.2-r29",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "3.0.0-r34",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
]Related
prion
prion
Design/Logic Flaw
2022-05-17 21:15:00
cnvd
cnvd
nvd
nvd
CVE-2022-1362
2022-05-17 21:15:08
cve
cve
CVE-2022-1362
2022-05-17 21:15:08
ics
ics
Cambium Networks cnMaestro
2022-05-12 12:00:00
CVSS3
5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0
Percentile
12.7%
Related for CVELIST:CVE-2022-1362