CVE-2022-45717

CVSS V2 None CVSS V3 None
Description
IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request.
Overview
  • CVE ID
  • CVE-2022-45717
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2022-12-23T19:15:12
  • Last Modified Date
  • 2023-01-04T20:35:15
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:ip-com:m50_firmware:15.11.0.33:*:*:*:*:*:*:* 1 OR
cpe:2.3:h:ip-com:m50:-:*:*:*:*:*:*:* 0 OR
References
History
Created Old Value New Value Data Type Notes
2022-12-23 20:15:34 Added to TrackCVE
2022-12-27 17:15:19 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-04 21:14:32 2023-01-04T20:35:15 CVE Modified Date updated
2023-01-04 21:14:32 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-04 21:14:33 Weakness Enumeration new
2023-01-04 21:14:34 CPE Information updated