CVE-2022-38399

Опубликовано: 08 сент. 2022

Источник: nvd

CVSS3: 6.8

EPSS Низкий

Описание

Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10 all versions and SmaCam Night Vision CS-QR20 all versions allows an attacker to execute an arbitrary OS command by having the product connect to the product's specific serial connection

Ссылки

https://jvn.jp/en/vu/JVNVU90766406/index.html
Third Party Advisory
https://www.planex.co.jp/products/cs-qr10/index.shtml
Product
https://www.planex.co.jp/products/cs-qr20/index.shtml
Product
https://jvn.jp/en/vu/JVNVU90766406/index.html
Third Party Advisory
https://www.planex.co.jp/products/cs-qr10/index.shtml
Product
https://www.planex.co.jp/products/cs-qr20/index.shtml
Product

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:planex:cs-qr20_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:planex:cs-qr20:-:*:*:*:*:*:*:*

Конфигурация 2

Одновременно

cpe:2.3:o:planex:cs-qr10_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:planex:cs-qr10:-:*:*:*:*:*:*:*

EPSS

Процентиль: 44%

0.00219

Низкий

6.8 Medium

CVSS3

Дефекты

CWE-287

Связанные уязвимости

GHSA-xr2c-mghr-gmr2