Lucene search
IcscertCVELIST:CVE-2022-0365HistoryFeb 04, 2022 - 10:29 p.m.
CVE-2022-0365 Ricon Mobile, Inc.
2022-02-0422:29:28
CWE-78
icscert
www.cve.org
2
cve-2022-0365
command injection
authenticated
admin user
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.002
Percentile
52.6%
The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user.
CNA Affected
[
{
"product": "Industrial Cellular Router",
"vendor": "Ricon",
"versions": [
{
"status": "affected",
"version": "S9922XL 16.10.3"
},
{
"status": "affected",
"version": "S9922L 16.10.3"
}
]
}
]Related
zeroscience
zeroscience
Ricon Industrial Cellular Router S9922XL Remote Command Execution
2021-07-04 00:00:00
cve
cve
CVE-2022-0365
2022-02-04 23:15:12
cnvd
cnvd
ics
ics
Ricon Mobile Industrial Cellular Router
2022-02-01 12:00:00
prion
prion
Command injection
2022-02-04 23:15:00
nvd
nvd
CVE-2022-0365
2022-02-04 23:15:12
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
AI Score
9.9
Confidence
High
EPSS
0.002
Percentile
52.6%
Related for CVELIST:CVE-2022-0365