Lucene search

[email protected]NVD:CVE-2022-29558

HistoryJul 28, 2022 - 10:15 p.m.

CVE-2022-29558

2022-07-2822:15:08

CWE-77

[email protected]

web.nvd.nist.gov

realtek rtl819x-sdk

command injection

web interface

cve-2022-29558

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.8%

JSON

Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface.

Affected configurations

Nvd

Node

realtekrtl819x_software_development_kitRange<3.6.1

VendorProductVersionCPE
realtekrtl819x_software_development_kit*cpe:2.3:a:realtek:rtl819x_software_development_kit:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
realtek	rtl819x_software_development_kit	*	cpe:2.3:a:realtek:rtl819x_software_development_kit::::::::

References

www.realtek.com

www.realtek.com/images/safe-report/Realtek_APRouter_SDK_Advisory-CVE-2022-29558.pdf

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

37.8%

JSON

Related for NVD:CVE-2022-29558

cve1 prion1 cvelist1