Vulnerability Details CVE-2022-38399
Missing protection mechanism for alternate hardware interface in SmaCam CS-QR10 all versions and SmaCam Night Vision CS-QR20 all versions allows an attacker to execute an arbitrary OS command by having the product connect to the product's specific serial connection
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.2%
CVSS Severity
CVSS v3 Score 6.8
References
- https://jvn.jp/en/vu/JVNVU90766406/index.html
- https://www.planex.co.jp/products/cs-qr10/index.shtml
- https://www.planex.co.jp/products/cs-qr20/index.shtml
- https://jvn.jp/en/vu/JVNVU90766406/index.html
- https://www.planex.co.jp/products/cs-qr10/index.shtml
- https://www.planex.co.jp/products/cs-qr20/index.shtml
Products affected by CVE-2022-38399
-
cpe:2.3:h:planex:cs-qr10:-
-
cpe:2.3:h:planex:cs-qr20:-
-
cpe:2.3:o:planex:cs-qr10_firmware:-
-
cpe:2.3:o:planex:cs-qr20_firmware:-
-
cpe:2.3:o:planex:cs-qr20_firmware:1.30