Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistMitreCVELIST:CVE-2022-28374
HistoryJul 14, 2022 - 12:28 p.m.

CVE-2022-28374

2022-07-1412:28:40
mitre
www.cve.org
1
verizon 5g home
odu
remote code execution
root
engineering portal
dmacc urls
authenticated
remote attacker
local network
shell metacharacters

AI Score

9.1

Confidence

High

EPSS

0.005

Percentile

75.6%

JSON

Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the DMACC URLs on the Settings page of the Engineering portal. An authenticated remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/admin/settings.lua to achieve remote code execution as root.

Related

prion 1
nvd 1
cve 1
prion
prion
Remote code execution
2022-07-14 13:15:00
nvd
nvd
CVE-2022-28374
2022-07-14 13:15:08
cve
cve
CVE-2022-28374
2022-07-14 13:15:08

AI Score

9.1

Confidence

High

EPSS

0.005

Percentile

75.6%

JSON
Related for CVELIST:CVE-2022-28374
prion1nvd1cve1