CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Asus: >> Nas-M25 Security Vulnerabilities

CVE-2022-4221

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.

CVSS Score

9.8

EPSS Score

0.049

Published

2022-12-01

Page 1

Vulnerabilities

Vulnerable Software

Asus: >> Nas-M25 Security Vulnerabilities

Products

Pricing

Contact Us