Total
5565 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27373 | 1 Phicomm | 2 Fir303b, Fir303b Firmware | 2024-11-21 | 8.8 High |
| Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to contain a remote command execution (RCE) vulnerability via the Ping function. | ||||
| CVE-2022-27276 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_10F2C. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27275 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_122D0. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27274 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12028. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27273 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_12168. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27272 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the function sub_1791C. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27271 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component python-lib. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27270 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component ipsec_secrets. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27269 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component config_ovpn. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27268 | 1 Inhandnetworks | 2 Inrouter 900, Inrouter 900 Firmware | 2024-11-21 | 9.8 Critical |
| InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution (RCE) vulnerability via the component get_cgi_from_memory. This vulnerability is triggered via a crafted packet. | ||||
| CVE-2022-27224 | 1 Galsys | 2 Nts-6002-gps, Nts-6002-gps Firmware | 2024-11-21 | 7.2 High |
| An issue was discovered in Galleon NTS-6002-GPS 4.14.103-Galleon-NTS-6002.V12 4. An authenticated attacker can perform command injection as root via shell metacharacters within the Network Tools section of the web-management interface. All three networking tools are affected (Ping, Traceroute, and DNS Lookup) and their respective input fields (ping_address, trace_address, nslookup_address). | ||||
| CVE-2022-27188 | 1 Yokogawa | 2 B\/m9000 Vp, Centum Vp | 2024-11-21 | 7.8 High |
| OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4.01.00 to R4.03.00, CENTUM VP Basic R4.01.00 to R4.03.00, and B/M9000 VP R6.01.01 to R6.03.02, which may allow an attacker who can access the computer where the affected product is installed to execute an arbitrary OS command by altering a file generated using Graphic Builder. | ||||
| CVE-2022-27005 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | 8.8 High |
| Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the setWanCfg function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-27004 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | 8.8 High |
| Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6in4 function via the remote6in4 parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-27003 | 1 Totolink | 4 A7000r, A7000r Firmware, X5000r and 1 more | 2024-11-21 | 8.8 High |
| Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were discovered to contain a command injection vulnerability in the Tunnel 6rd function via the relay6rd parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-26994 | 1 Arris | 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more | 2024-11-21 | 9.8 Critical |
| Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pptp function via the pptpUserName and pptpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-26993 | 1 Arris | 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more | 2024-11-21 | 9.8 Critical |
| Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoe_Service parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-26992 | 1 Arris | 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more | 2024-11-21 | 9.8 Critical |
| Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-26991 | 1 Arris | 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more | 2024-11-21 | 9.8 Critical |
| Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ntp function via the TimeZone parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||
| CVE-2022-26990 | 1 Arris | 6 Sbr-ac1200p, Sbr-ac1200p Firmware, Sbr-ac1900p and 3 more | 2024-11-21 | 9.8 Critical |
| Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the firewall-local log function via the EmailAddress, SmtpServerName, SmtpUsername, and SmtpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. | ||||