Lucene search
TalosCVELIST:CVE-2022-33150HistoryOct 14, 2022 - 12:00 a.m.
CVE-2022-33150
2022-10-1400:00:00
CWE-78
talos
www.cve.org
3
os command injection
js_package install
robustel r1510 3.1.16
arbitrary command execution
network request
vulnerability
attacker
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0.003
Percentile
65.8%
An OS command injection vulnerability exists in the js_package install functionality of Robustel R1510 3.1.16. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.
CNA Affected
[
{
"vendor": "Robustel",
"product": "R1510",
"versions": [
{
"version": "3.1.16",
"status": "affected"
}
]
}
]Related
talos
talos
Robustel R1510 js_package install OS command injection vulnerability
2022-10-14 00:00:00
nvd
nvd
CVE-2022-33150
2022-10-25 17:15:52
prion
prion
Command injection
2022-10-25 17:15:00
cve
cve
CVE-2022-33150
2022-10-25 17:15:52
talosblog
talosblog
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0.003
Percentile
65.8%
Related for CVELIST:CVE-2022-33150