Lucene search
K

7 matches found

OSV
OSV
added 2022/07/14 1:15 p.m.4 views

CVE-2022-28374

Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 does not property sanitize user-controlled parameters within the DMACC URLs on the Settings page of the Engineering portal. An authenticated remote attacker on the local network can inject shell metacharacters into...

8.8CVSS6.4AI score0.01817EPSS
Exploits1References2
OSV
OSV
added 2022/07/14 1:15 p.m.2 views

CVE-2022-28375

Verizon 5G Home LVSKIHP OutDoorUnit ODU 3.33.101.0 does not property sanitize user-controlled parameters within the crtcswitchsimprofile function of the crtcrpc JSON listener. A remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/rpc.lua to...

9.8CVSS6.4AI score
Exploits0References2
OSV
OSV
added 2022/07/14 1:15 p.m.4 views

CVE-2022-28372

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtcfwupgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file uplo...

7.5CVSS5.9AI score0.0065EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2022/07/14 1:15 p.m.3 views

CVE-2022-28372

On Verizon 5G Home LVSKIHP InDoorUnit IDU 3.4.66.162 and OutDoorUnit ODU 3.33.101.0 devices, the CRTC and ODU RPC endpoints provide a means of provisioning a firmware update for the device via crtcfwupgrade or crtcfwimage. The URL provided is not validated, and thus allows for arbitrary file uplo...

7.5CVSS6AI score0.0065EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/07/14 12:0 a.m.4 views

Verizon 5G Home LVSKIHP 操作系统命令注入漏洞

The Verizon 5G Home LVSKIHP is an all-in-one integrated modem and router from Verizon USA. It provides access to Verizon Wireless 5G wireless home Internet service. A security vulnerability exists in Verizon 5G Home LVSKIHP OutDoorUnit ODU version 3.33.101.0, which stems from an attribute cleanup...

8.8CVSS8.7AI score0.01817EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/07/14 12:0 a.m.4 views

Verizon 5G Home LVSKIHP 安全漏洞

The Verizon 5G Home LVSKIHP is an all-in-one integrated modem and router from Verizon USA. It provides access to Verizon Wireless 5G wireless home Internet service. The Verizon 5G Home LVSKIHP InDoorUnit IDU version 3.4.66.162 and OutDoorUnit ODU version 3.33.101.0 devices have a security...

7.5CVSS7.4AI score0.00808EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/07/14 12:0 a.m.4 views

PT-2022-18979 · Verizon · Verizon 5G Home Lvskihp Outdoorunit

Name of the Vulnerable Software and Affected Versions: Verizon 5G Home LVSKIHP OutDoorUnit ODU version 3.33.101.0 Description: The issue affects the RPC endpoint "crtc fw upgrade" which is used for provisioning firmware updates. The script /lib/functions/wnc jsonsh/wnc crtc fw.sh lacks...

7.5CVSS7.4AI score0.00323EPSS
Exploits1References5
Rows per page
Query Builder