CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-29337

C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability via the va_cmd parameter in formlanipv6. This vulnerability allows attackers to execute arbitrary commands via a crafted HTTP request.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.32

EPSS Ranking 96.6%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://east-trowel-102.notion.site/CVE-2022-XXXX-OS-CommandInjection-formlanipv6-043ddebec5a1456b92991048617c04e8
https://east-trowel-102.notion.site/CVE-2022-XXXX-OS-CommandInjection-formlanipv6-043ddebec5a1456b92991048617c04e8

Products affected by CVE-2022-29337

Cdatatec » Fd702xw-X-R430 » Version: N/A

cpe:2.3:h:cdatatec:fd702xw-x-r430:-
Cdatatec » Fd702xw-X-R430 Firmware » Version: 2.1.13_x001

cpe:2.3:o:cdatatec:fd702xw-x-r430_firmware:2.1.13_x001

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-29337

Products

Pricing

Contact Us