CVE-2022-0365

EUVD-2022-15520
The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user.
OS Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
icscertCNA
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 84%
Affected Products (NVD)
VendorProductVersion
riconmobiles9922l_firmware
16.10.3
riconmobiles9922xl_firmware
16.10.3
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/uscert/ics/advisories/icsa-22-032-01
https://www.cisa.gov/uscert/ics/advisories/icsa-22-032-01