CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-37680

An improper authentication for critical function issue in Hitachi Kokusai Electric Network products for monitoring system (Camera, Decoder and Encoder) and bellow allows attckers to remotely reboot the device via a crafted POST request to the endpoint /ptipupgrade.cgi. Security information ID hitachi-sec-2022-001 contains fixes for the issue.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 24.9%

CVSS Severity

CVSS v3 Score 7.5

References

https://gist.github.com/Nwqda/5efea18c9142c6a966d85c6be2c0c2b5
https://www.hitachi-kokusai.co.jp/global/en/products/info/vulnerable/hitachi-sec-2022-001/index.html
https://gist.github.com/Nwqda/5efea18c9142c6a966d85c6be2c0c2b5
https://www.hitachi-kokusai.co.jp/global/en/products/info/vulnerable/hitachi-sec-2022-001/index.html

Products affected by CVE-2022-37680

Hitachi » Hc-Ip9100hd » Version: N/A

cpe:2.3:h:hitachi:hc-ip9100hd:-
Hitachi » Hc-Ip9100hd Firmware » Version: N/A

cpe:2.3:o:hitachi:hc-ip9100hd_firmware:-
Hitachi » Hc-Ip9100hd Firmware » Version: 1.07

cpe:2.3:o:hitachi:hc-ip9100hd_firmware:1.07

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-37680

Products

Pricing

Contact Us