CVEDB API

The www-data (Apache web server) account is configured to run sudo with no password for many commands (including /bin/sh and /bin/bash).

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.8%

CVSS Severity

CVSS v3 Score 9.9

CVSS v2 Score 7.5

References

Products affected by CVE-2022-2104

Secheron » Sepcos Control And Protection Relay » Version: N/A

cpe:2.3:h:secheron:sepcos_control_and_protection_relay:-
Secheron » Sepcos Control And Protection Relay Firmware » Version: 1.23.0

cpe:2.3:o:secheron:sepcos_control_and_protection_relay_firmware:1.23.0
Secheron » Sepcos Control And Protection Relay Firmware » Version: 1.24.0

cpe:2.3:o:secheron:sepcos_control_and_protection_relay_firmware:1.24.0
Secheron » Sepcos Control And Protection Relay Firmware » Version: 1.25.0

cpe:2.3:o:secheron:sepcos_control_and_protection_relay_firmware:1.25.0