CVE-2022-44606

OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:unimo:udr-ja1604_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:unimo:udr-ja1604:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:unimo:udr-ja1608_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:unimo:udr-ja1608:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:unimo:udr-ja1616_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:unimo:udr-ja1616:-:*:*:*:*:*:*:*

History

21 Nov 2024, 07:28

Type Values Removed Values Added
References () http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418 - Vendor Advisory () http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1666831567-004418 - Vendor Advisory
References () https://jvn.jp/en/vu/JVNVU94514762/index.html - Third Party Advisory () https://jvn.jp/en/vu/JVNVU94514762/index.html - Third Party Advisory

Information

Published : 2022-12-07 04:15

Updated : 2024-11-21 07:28


NVD link : CVE-2022-44606

Mitre link : CVE-2022-44606

CVE.ORG link : CVE-2022-44606


JSON object : View

Products Affected

unimo

  • udr-ja1604_firmware
  • udr-ja1616
  • udr-ja1608
  • udr-ja1604
  • udr-ja1608_firmware
  • udr-ja1616_firmware
CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')