10

CVE-2022-29516

The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FujitsuIpcom Ex2 Nw 1100 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Nw 1100 Version-
FujitsuIpcom Ex2 Nw 3500 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Nw 3500 Version-
FujitsuIpcom Ex2 Nw 3200 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Nw 3200 Version-
FujitsuIpcom Ex2 Sc 1100 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Sc 1100 Version-
FujitsuIpcom Ex2 Sc 3500 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Sc 3500 Version-
FujitsuIpcom Ex2 Sc 3200 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Sc 3200 Version-
FujitsuIpcom Ex2 Lb 1100 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Lb 1100 Version-
FujitsuIpcom Ex2 Lb 3500 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Lb 3500 Version-
FujitsuIpcom Ex2 Lb 3200 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 Lb 3200 Version-
FujitsuIpcom Ex2 In 1100 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 In 1100 Version-
FujitsuIpcom Ex2 In 3200 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 In 3200 Version-
FujitsuIpcom Ex2 In 3500 Firmware Version < v01l05_nf0501
   FujitsuIpcom Ex2 In 3500 Version-
FujitsuIpcom Ex2 Dc 3500 Firmware Version < v02l21_nf0201
   FujitsuIpcom Ex2 Dc 3500 Version-
FujitsuIpcom Ex2 Dc 3200 Firmware Version < v02l21_nf0201
   FujitsuIpcom Ex2 Dc 3200 Version-
FujitsuIpcom Ex In 2300 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex In 2300 Version-
FujitsuIpcom Ex In 2500 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex In 2500 Version-
FujitsuIpcom Ex In 2700 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex In 2700 Version-
FujitsuIpcom Ex Lb 1100 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Lb 1100 Version-
FujitsuIpcom Ex Lb 1300 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Lb 1300 Version-
FujitsuIpcom Ex Lb 2300 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Lb 2300 Version-
FujitsuIpcom Ex Lb 2500 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Lb 2500 Version-
FujitsuIpcom Ex Lb 2700 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Lb 2700 Version-
FujitsuIpcom Ex Sc 1100 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Sc 1100 Version-
FujitsuIpcom Ex Sc 1300 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Sc 1300 Version-
FujitsuIpcom Ex Sc 2300 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Sc 2300 Version-
FujitsuIpcom Ex Sc 2500 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Sc 2500 Version-
FujitsuIpcom Ex Sc 2700 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Sc 2700 Version-
FujitsuIpcom Ex Nw 1100 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Nw 1100 Version-
FujitsuIpcom Ex Nw 1300 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Nw 1300 Version-
FujitsuIpcom Ex Nw 2300 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Nw 2300 Version-
FujitsuIpcom Ex Nw 2500 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Nw 2500 Version-
FujitsuIpcom Ex Nw 2700 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ex Nw 2700 Version-
FujitsuIpcom Ve2 Ls 100 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls 100 Version-
FujitsuIpcom Ve2 Ls 200 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls 200 Version-
FujitsuIpcom Ve2 Ls 220 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls 220 Version-
FujitsuIpcom Ve2 Ls Plus 100 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls Plus 100 Version-
FujitsuIpcom Ve2 Ls Plus 200 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls Plus 200 Version-
FujitsuIpcom Ve2 Ls Plus 220 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls Plus 220 Version-
FujitsuIpcom Ve2 Ls Plus2 200 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls Plus2 200 Version-
FujitsuIpcom Ve2 Ls Plus2 220 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Ls Plus2 220 Version-
FujitsuIpcom Ve2 Sc 100 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Sc 100 Version-
FujitsuIpcom Ve2 Sc 200 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Sc 200 Version-
FujitsuIpcom Ve2 Sc 220 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Sc 220 Version-
FujitsuIpcom Ve2 Sc Plus 100 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Sc Plus 100 Version-
FujitsuIpcom Ve2 Sc Plus 200 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Sc Plus 200 Version-
FujitsuIpcom Ve2 Sc Plus 220 Firmware Version < e20l33_nf1101
   FujitsuIpcom Ve2 Sc Plus 220 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.9% 0.825
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.8 3.9 5.9
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 10 10 10
AV:N/AC:L/Au:N/C:C/I:C/A:C
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.