Vulnerability Details CVE-2022-31208
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The webserver contains an endpoint that can execute arbitrary commands by manipulating the cmd_string URL parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 62.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.0
References
- https://sec-consult.com/vulnerability-lab/advisory/infiray-iray-thermal-camera-multiple-vulnerabilities/
- https://www.infiray.com/infrared-security-database.html
- https://sec-consult.com/vulnerability-lab/advisory/infiray-iray-thermal-camera-multiple-vulnerabilities/
- https://www.infiray.com/infrared-security-database.html
Products affected by CVE-2022-31208
-
cpe:2.3:h:infiray:iray-a8z3:-
-
cpe:2.3:o:infiray:iray-a8z3_firmware:1.0.957