Lucene search

[email protected]NVD:CVE-2022-31486

HistoryJun 06, 2022 - 5:15 p.m.

CVE-2022-31486

2022-06-0617:15:11

CWE-78

[email protected]

web.nvd.nist.gov

authenticated attacker

shell commands

hid mercury intelligent controllers

firmware vulnerability

device access

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:S/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.002

Percentile

62.1%

JSON

An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and have it execute shell commands. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.303 for the LP series and 1.297 for the EP series. An attacker with this level of access on the device can monitor all communications sent to and from this device, modify onboard relays, change configuration files, or cause the device to become unstable.

Affected configurations

Nvd

Node

hidgloballp1501_firmwareRange<1.303

AND

hidgloballp1501Match-

Node

hidgloballp1502_firmwareRange<1.303

AND

hidgloballp1502Match-

Node

hidgloballp2500_firmwareRange<1.303

AND

hidgloballp2500Match-

Node

hidgloballp4502_firmwareRange<1.303

AND

hidgloballp4502Match-

Node

hidglobalep4502_firmwareRange<1.297

AND

hidglobalep4502Match-

Node

carrierlenels2_lnl-4420_firmwareRange<1.297

AND

carrierlenels2_lnl-4420Match-

Node

carrierlenels2_lnl-x2210_firmwareRange<1.303

AND

carrierlenels2_lnl-x2210Match-

Node

carrierlenels2_lnl-x2220_firmwareRange<1.303

AND

carrierlenels2_lnl-x2220Match-

Node

carrierlenels2_lnl-x3300_firmwareRange<1.303

AND

carrierlenels2_lnl-x3300Match-

Node

carrierlenels2_lnl-x4420_firmwareRange<1.303

AND

carrierlenels2_lnl-x4420Match-

Node

carrierlenels2_s2-lp-1501_firmwareRange<1.303

AND

carrierlenels2_s2-lp-1501Match-

Node

carrierlenels2_s2-lp-1502_firmwareRange<1.303

AND

carrierlenels2_s2-lp-1502Match-

Node

carrierlenels2_s2-lp-2500_firmwareRange<1.303

AND

carrierlenels2_s2-lp-2500Match-

Node

carrierlenels2_s2-lp-4502_firmwareRange<1.303

AND

carrierlenels2_s2-lp-4502Match-

VendorProductVersionCPE
hidgloballp1501_firmware*cpe:2.3:o:hidglobal:lp1501_firmware:*:*:*:*:*:*:*:*
hidgloballp1501-cpe:2.3:h:hidglobal:lp1501:-:*:*:*:*:*:*:*
hidgloballp1502_firmware*cpe:2.3:o:hidglobal:lp1502_firmware:*:*:*:*:*:*:*:*
hidgloballp1502-cpe:2.3:h:hidglobal:lp1502:-:*:*:*:*:*:*:*
hidgloballp2500_firmware*cpe:2.3:o:hidglobal:lp2500_firmware:*:*:*:*:*:*:*:*
hidgloballp2500-cpe:2.3:h:hidglobal:lp2500:-:*:*:*:*:*:*:*
hidgloballp4502_firmware*cpe:2.3:o:hidglobal:lp4502_firmware:*:*:*:*:*:*:*:*
hidgloballp4502-cpe:2.3:h:hidglobal:lp4502:-:*:*:*:*:*:*:*
hidglobalep4502_firmware*cpe:2.3:o:hidglobal:ep4502_firmware:*:*:*:*:*:*:*:*
hidglobalep4502-cpe:2.3:h:hidglobal:ep4502:-:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
hidglobal	lp1501_firmware	*	cpe:2.3:o:hidglobal:lp1501_firmware::::::::
hidglobal	lp1501	-	cpe:2.3:h:hidglobal:lp1501:-:::::::*
hidglobal	lp1502_firmware	*	cpe:2.3:o:hidglobal:lp1502_firmware::::::::
hidglobal	lp1502	-	cpe:2.3:h:hidglobal:lp1502:-:::::::*
hidglobal	lp2500_firmware	*	cpe:2.3:o:hidglobal:lp2500_firmware::::::::
hidglobal	lp2500	-	cpe:2.3:h:hidglobal:lp2500:-:::::::*
hidglobal	lp4502_firmware	*	cpe:2.3:o:hidglobal:lp4502_firmware::::::::
hidglobal	lp4502	-	cpe:2.3:h:hidglobal:lp4502:-:::::::*
hidglobal	ep4502_firmware	*	cpe:2.3:o:hidglobal:ep4502_firmware::::::::
hidglobal	ep4502	-	cpe:2.3:h:hidglobal:ep4502:-:::::::*