7.6
CVE-2022-3086
- EPSS 0.24%
- Veröffentlicht 02.12.2022 20:15:13
- Zuletzt bearbeitet 21.11.2024 07:18:47
- Quelle ics-cert@hq.dhs.gov
- CVE-Watchlists
- Unerledigt
LoginCradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestrictive shell access which may allow an attacker to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Moxa ≫ Uc-8580-t-lx Firmware Version1.1
Moxa ≫ Uc-8580-t-ct-lx Firmware Version1.1
Moxa ≫ Uc-8580-t-q-lx Firmware Version1.1
Moxa ≫ Uc-8580-t-ct-q-lx Firmware Version1.1
Moxa ≫ Uc-8580-q-lx Firmware Version1.1
Moxa ≫ Uc-8580-lx Firmware Version1.1
Moxa ≫ Uc-8540-lx Firmware Version >= 1.0 <= 1.2
Moxa ≫ Uc-8540-t-ct-lx Firmware Version >= 1.0 <= 1.2
Moxa ≫ Uc-8540-t-lx Firmware Version >= 1.0 <= 1.2
Moxa ≫ Uc-8410a-lx Firmware Version2.2
Moxa ≫ Uc-8410a-nw-lx Firmware Version2.2
Moxa ≫ Uc-8410a-nw-t-lx Firmware Version2.2
Moxa ≫ Uc-8410a-t-lx Firmware Version2.2
Moxa ≫ Uc-8210-t-lx-s Firmware Version >= 1.0 <= 2.4
Moxa ≫ Uc-8220-t-lx Firmware Version >= 1.0 <= 2.4
Moxa ≫ Uc-8220-t-lx-us-s Firmware Version >= 1.0 <= 2.4
Moxa ≫ Uc-8220-t-lx-eu-s Firmware Version >= 1.0 <= 2.4
Moxa ≫ Uc-8220-t-lx-ap-s Firmware Version >= 1.0 <= 2.4
Moxa ≫ Uc-8112a-me-t-lx Firmware Version1.0
Moxa ≫ Uc-8112a-me-t-lx Firmware Version1.1
Moxa ≫ Uc-8131-lx Firmware Version1.2
Moxa ≫ Uc-8131-lx Firmware Version1.3
Moxa ≫ Uc-8132-lx Firmware Version1.2
Moxa ≫ Uc-8132-lx Firmware Version1.3
Moxa ≫ Uc-8162-lx Firmware Version1.2
Moxa ≫ Uc-8162-lx Firmware Version1.3
Moxa ≫ Uc-8112-lx Firmware Version1.2
Moxa ≫ Uc-8112-lx Firmware Version1.3
Moxa ≫ Uc-5101-lx Firmware Version1.2
Moxa ≫ Uc-5101-t-lx Firmware Version1.2
Moxa ≫ Uc-5102-lx Firmware Version1.2
Moxa ≫ Uc-5102-t-lx Firmware Version1.2
Moxa ≫ Uc-5111-lx Firmware Version1.2
Moxa ≫ Uc-5111-t-lx Firmware Version1.2
Moxa ≫ Uc-5112-lx Firmware Version1.2
Moxa ≫ Uc-5112-t-lx Firmware Version1.2
Moxa ≫ Uc-3101-t-ap-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3101-t-eu-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3101-t-us-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3111-t-ap-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3111-t-ap-lx-nw Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3111-t-eu-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3111-t-eu-lx-nw Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3111-t-us-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3111-t-us-lx-nw Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3121-t-ap-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3121-t-eu-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-3121-t-us-lx Firmware Version >= 1.2 <= 2.0
Moxa ≫ Uc-2101-lx Firmware Version >= 1.3 <= 1.5
Moxa ≫ Uc-2102-lx Firmware Version >= 1.3 <= 1.5
Moxa ≫ Uc-2104-lx Firmware Version >= 1.3 <= 1.5
Moxa ≫ Uc-2111-lx Firmware Version >= 1.3 <= 1.5
Moxa ≫ Uc-2112-lx Firmware Version >= 1.3 <= 1.5
Moxa ≫ Uc-2114-t-lx Firmware Version >= 1.3 <= 1.5
Moxa ≫ Uc-2114-t-lx Firmware Version >= 1.3 <= 1.5
Moxa ≫ Uc-2116-t-lx Firmware Version >= 1.3 <= 1.5
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.24% | 0.476 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.6 | 0.9 | 6 |
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
| ics-cert@hq.dhs.gov | 7.1 | 1.8 | 5.2 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
|
CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')
The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.