CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31483

An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.271. This allows a malicious actor to overwrite sensitive system files and install a startup service to gain remote access to the underlaying Linux operating system with root privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.7%

CVSS Severity

CVSS v3 Score 9.1

CVSS v2 Score 9.0

References

Products affected by CVE-2022-31483

Carrier » Lenels2 Lnl-4420 » Version: N/A

cpe:2.3:h:carrier:lenels2_lnl-4420:-
Carrier » Lenels2 Lnl-X2210 » Version: N/A

cpe:2.3:h:carrier:lenels2_lnl-x2210:-
Carrier » Lenels2 Lnl-X2220 » Version: N/A

cpe:2.3:h:carrier:lenels2_lnl-x2220:-
Carrier » Lenels2 Lnl-X3300 » Version: N/A

cpe:2.3:h:carrier:lenels2_lnl-x3300:-
Carrier » Lenels2 Lnl-X4420 » Version: N/A

cpe:2.3:h:carrier:lenels2_lnl-x4420:-
Carrier » Lenels2 S2-Lp-1501 » Version: N/A

cpe:2.3:h:carrier:lenels2_s2-lp-1501:-
Carrier » Lenels2 S2-Lp-1502 » Version: N/A

cpe:2.3:h:carrier:lenels2_s2-lp-1502:-
Carrier » Lenels2 S2-Lp-2500 » Version: N/A

cpe:2.3:h:carrier:lenels2_s2-lp-2500:-
Carrier » Lenels2 S2-Lp-4502 » Version: N/A

cpe:2.3:h:carrier:lenels2_s2-lp-4502:-
Hidglobal » Ep4502 » Version: N/A

cpe:2.3:h:hidglobal:ep4502:-
Hidglobal » Lp1501 » Version: N/A

cpe:2.3:h:hidglobal:lp1501:-
Hidglobal » Lp1502 » Version: N/A

cpe:2.3:h:hidglobal:lp1502:-
Hidglobal » Lp2500 » Version: N/A

cpe:2.3:h:hidglobal:lp2500:-
Hidglobal » Lp4502 » Version: N/A

cpe:2.3:h:hidglobal:lp4502:-
Carrier » Lenels2 Lnl-4420 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_lnl-4420_firmware:-
Carrier » Lenels2 Lnl-4420 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_lnl-4420_firmware:1.29
Carrier » Lenels2 Lnl-X2210 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_lnl-x2210_firmware:-
Carrier » Lenels2 Lnl-X2210 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_lnl-x2210_firmware:1.29
Carrier » Lenels2 Lnl-X2220 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_lnl-x2220_firmware:-
Carrier » Lenels2 Lnl-X2220 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_lnl-x2220_firmware:1.29
Carrier » Lenels2 Lnl-X3300 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_lnl-x3300_firmware:-
Carrier » Lenels2 Lnl-X3300 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_lnl-x3300_firmware:1.29
Carrier » Lenels2 Lnl-X4420 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_lnl-x4420_firmware:-
Carrier » Lenels2 Lnl-X4420 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_lnl-x4420_firmware:1.29
Carrier » Lenels2 S2-Lp-1501 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_s2-lp-1501_firmware:-
Carrier » Lenels2 S2-Lp-1501 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_s2-lp-1501_firmware:1.29
Carrier » Lenels2 S2-Lp-1502 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_s2-lp-1502_firmware:-
Carrier » Lenels2 S2-Lp-1502 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_s2-lp-1502_firmware:1.29
Carrier » Lenels2 S2-Lp-2500 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_s2-lp-2500_firmware:-
Carrier » Lenels2 S2-Lp-2500 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_s2-lp-2500_firmware:1.29
Carrier » Lenels2 S2-Lp-4502 Firmware » Version: N/A

cpe:2.3:o:carrier:lenels2_s2-lp-4502_firmware:-
Carrier » Lenels2 S2-Lp-4502 Firmware » Version: 1.29

cpe:2.3:o:carrier:lenels2_s2-lp-4502_firmware:1.29
Hidglobal » Ep4502 Firmware » Version: N/A

cpe:2.3:o:hidglobal:ep4502_firmware:-
Hidglobal » Lp1501 Firmware » Version: N/A

cpe:2.3:o:hidglobal:lp1501_firmware:-
Hidglobal » Lp1502 Firmware » Version: N/A

cpe:2.3:o:hidglobal:lp1502_firmware:-
Hidglobal » Lp2500 Firmware » Version: N/A

cpe:2.3:o:hidglobal:lp2500_firmware:-
Hidglobal » Lp4502 Firmware » Version: N/A

cpe:2.3:o:hidglobal:lp4502_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-31483

Products

Pricing

Contact Us