Vulnerability Details CVE-2022-22986
Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 8.3
References
- https://business.ntt-east.co.jp/topics/2022/03_22.html
- https://jvn.jp/en/vu/JVNVU94900322/index.html
- https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html
- https://business.ntt-east.co.jp/topics/2022/03_22.html
- https://jvn.jp/en/vu/JVNVU94900322/index.html
- https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html
Products affected by CVE-2022-22986
-
cpe:2.3:h:ntt-east:og410xa:-
-
cpe:2.3:h:ntt-east:og410xi:-
-
cpe:2.3:h:ntt-east:og810xa:-
-
cpe:2.3:h:ntt-east:og810xi:-
-
cpe:2.3:o:ntt-east:og410xa_firmware:-
-
cpe:2.3:o:ntt-east:og410xa_firmware:2.28
-
cpe:2.3:o:ntt-east:og410xi_firmware:-
-
cpe:2.3:o:ntt-east:og410xi_firmware:2.28
-
cpe:2.3:o:ntt-east:og810xa_firmware:-
-
cpe:2.3:o:ntt-east:og810xa_firmware:2.28
-
cpe:2.3:o:ntt-east:og810xi_firmware:-
-
cpe:2.3:o:ntt-east:og810xi_firmware:2.28