CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4098

Multiple Wiesemann&Theis products of the ComServer Series are prone to an authentication bypass through IP spoofing. After a user logged in to the WBM of the Com-Server an unauthenticated attacker in the same subnet can obtain the session ID and through IP spoofing change arbitrary settings by crafting modified HTTP Get requests. This may result in a complete takeover of the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.0%

CVSS Severity

CVSS v3 Score 8.0

References

Products affected by CVE-2022-4098

Wut » Com-Server ++ » Version: N/A

cpe:2.3:h:wut:com-server_++:-
Wut » Com-Server 20ma » Version: N/A

cpe:2.3:h:wut:com-server_20ma:-
Wut » Com-Server Highspeed 100basefx » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_100basefx:-
Wut » Com-Server Highspeed 100baselx » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_100baselx:-
Wut » Com-Server Highspeed 19" 1port » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_19"_1port:-
Wut » Com-Server Highspeed 19" 4port » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_19"_4port:-
Wut » Com-Server Highspeed Compact » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_compact:-
Wut » Com-Server Highspeed Industry » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_industry:-
Wut » Com-Server Highspeed Isolated » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_isolated:-
Wut » Com-Server Highspeed Lc » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_lc:-
Wut » Com-Server Highspeed Oem » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_oem:-
Wut » Com-Server Highspeed Office 1port » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_office_1port:-
Wut » Com-Server Highspeed Office 4port » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_office_4port:-
Wut » Com-Server Highspeed Poe » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_poe:-
Wut » Com-Server Highspeed Poe 3x Isolated » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_poe_3x_isolated:-
Wut » Com-Server Highspeed Ul » Version: N/A

cpe:2.3:h:wut:com-server_highspeed_ul:-
Wut » Com-Server ++ Firmware » Version: N/A

cpe:2.3:o:wut:com-server_++_firmware:-
Wut » Com-Server 20ma Firmware » Version: N/A

cpe:2.3:o:wut:com-server_20ma_firmware:-
Wut » Com-Server Highspeed 100basefx Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_100basefx_firmware:-
Wut » Com-Server Highspeed 100baselx Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_100baselx_firmware:-
Wut » Com-Server Highspeed 19" 1port Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_19"_1port_firmware:-
Wut » Com-Server Highspeed 19" 4port Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_19"_4port_firmware:-
Wut » Com-Server Highspeed Compact Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_compact_firmware:-
Wut » Com-Server Highspeed Industry Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_industry_firmware:-
Wut » Com-Server Highspeed Isolated Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_isolated_firmware:-
Wut » Com-Server Highspeed Lc Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_lc_firmware:-
Wut » Com-Server Highspeed Oem Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_oem_firmware:-
Wut » Com-Server Highspeed Office 1port Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_office_1port_firmware:-
Wut » Com-Server Highspeed Office 4port Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_office_4port_firmware:-
Wut » Com-Server Highspeed Poe 3x Isolated Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_poe_3x_isolated_firmware:-
Wut » Com-Server Highspeed Poe Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_poe_firmware:-
Wut » Com-Server Highspeed Ul Firmware » Version: N/A

cpe:2.3:o:wut:com-server_highspeed_ul_firmware:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-4098

Products

Pricing

Contact Us