Lucene search

[email protected]NVD:CVE-2022-47893

HistoryOct 03, 2023 - 12:15 p.m.

CVE-2022-47893

2023-10-0312:15:10

CWE-434

[email protected]

web.nvd.nist.gov

remote code execution

netman 204

firmware upload

webshell

arbitrary code

root access

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

62.0%

JSON

There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root.

Affected configurations

NVD

Node

riello-upsnetman_204_firmware

AND

riello-upsnetman_204Match-

References

www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

62.0%

JSON

Related for NVD:CVE-2022-47893

cve1 prion1 cvelist1 kitploit1