Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2022-27226
HistoryMar 19, 2022 - 4:15 a.m.

CVE-2022-27226

2022-03-1904:15:08
CWE-352
[email protected]
web.nvd.nist.gov
6
csrf
crontab
remote code execution
irz mobile routers
filesystem access
default credentials

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.076

Percentile

94.3%

JSON

A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor’s defined interval, leading to remote code execution, allowing the threat actor to gain filesystem access. In addition, if the router’s default credentials aren’t rotated or a threat actor discovers valid credentials, remote code execution can be achieved without user interaction.

Affected configurations

Nvd
Node
irzru21_firmwareRange2022-03-16
AND
irzru21Match-
Node
irzru21w_firmwareRange2022-03-16
AND
irzru21wMatch-
Node
irzrl21_firmwareRange2022-03-16
AND
irzrl21Match-
Node
irzru41_firmwareRange2022-03-16
AND
irzru41Match-
Node
irzrl01_firmwareRange2022-03-16
AND
irzrl01Match-
VendorProductVersionCPE
irzru21_firmware*cpe:2.3:o:irz:ru21_firmware:*:*:*:*:*:*:*:*
irzru21-cpe:2.3:h:irz:ru21:-:*:*:*:*:*:*:*
irzru21w_firmware*cpe:2.3:o:irz:ru21w_firmware:*:*:*:*:*:*:*:*
irzru21w-cpe:2.3:h:irz:ru21w:-:*:*:*:*:*:*:*
irzrl21_firmware*cpe:2.3:o:irz:rl21_firmware:*:*:*:*:*:*:*:*
irzrl21-cpe:2.3:h:irz:rl21:-:*:*:*:*:*:*:*
irzru41_firmware*cpe:2.3:o:irz:ru41_firmware:*:*:*:*:*:*:*:*
irzru41-cpe:2.3:h:irz:ru41:-:*:*:*:*:*:*:*
irzrl01_firmware*cpe:2.3:o:irz:rl01_firmware:*:*:*:*:*:*:*:*
irzrl01-cpe:2.3:h:irz:rl01:-:*:*:*:*:*:*:*

Related

checkpoint_advisories 1
exploitdb 1
githubexploit 1
prion 1
cvelist 1
zdt 1
attackerkb 1
nessus 1
cve 1
packetstorm 1
thn 1
checkpoint_advisories
checkpoint_advisories
IRZ Mobile Router Remote Code Execution (CVE-2022-27226)
2022-05-24 00:00:00
exploitdb
exploitdb
iRZ Mobile Router - CSRF to RCE
2022-03-22 00:00:00
githubexploit
githubexploit
Exploit for Cross-Site Request Forgery (CSRF) in Irz Ru21 Firmware
2022-03-16 17:45:12
prion
prion
Cross site request forgery (csrf)
2022-03-19 04:15:00
cvelist
cvelist
CVE-2022-27226
2022-03-19 03:04:03
zdt
zdt
iRZ Mobile Router - CSRF to Remote Code Execution Exploit
2022-03-22 00:00:00
attackerkb
attackerkb
CVE-2022-27226
2022-03-19 00:00:00
nessus
nessus
IRZ Mobile Routers Cross-Site Request Forgery (CVE-2022-27226)
2024-05-27 00:00:00
cve
cve
CVE-2022-27226
2022-03-19 04:15:08
packetstorm
packetstorm
iRZ Mobile Router Cross Site Request Forgery / Remote Code Execution
2022-03-22 00:00:00
thn
thn
New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt
2022-04-14 10:07:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.076

Percentile

94.3%

JSON
Related for NVD:CVE-2022-27226
checkpoint_advisories1exploitdb1githubexploit1prion1cvelist1zdt1attackerkb1nessus1cve1packetstorm1thn1