CVE-2022-43553

A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:ui:edgemax_edgerouter_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:-:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix1:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix2:*:*:*:*:*:*
cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix4:*:*:*:*:*:*
cpe:2.3:h:ui:edgemax_edgerouter:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-12-05 22:15

Updated : 2024-02-28 19:51


NVD link : CVE-2022-43553

Mitre link : CVE-2022-43553

CVE.ORG link : CVE-2022-43553


JSON object : View

Products Affected

ui

  • edgemax_edgerouter_firmware
  • edgemax_edgerouter
CWE
NVD-CWE-noinfo CWE-250

Execution with Unnecessary Privileges