CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35733

Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.032

EPSS Ranking 86.4%

CVSS Severity

CVSS v3 Score 9.8

References

Products affected by CVE-2022-35733

Unimo » Udr-Ja1004 » Version: N/A

cpe:2.3:h:unimo:udr-ja1004:-
Unimo » Udr-Ja1008 » Version: N/A

cpe:2.3:h:unimo:udr-ja1008:-
Unimo » Udr-Ja1016 » Version: N/A

cpe:2.3:h:unimo:udr-ja1016:-
Unimo » Udr-Ja1004 Firmware » Version: Any

cpe:2.3:o:unimo:udr-ja1004_firmware:*
Unimo » Udr-Ja1008 Firmware » Version: Any

cpe:2.3:o:unimo:udr-ja1008_firmware:*
Unimo » Udr-Ja1016 Firmware » Version: Any

cpe:2.3:o:unimo:udr-ja1016_firmware:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-35733

Products

Pricing

Contact Us