PT-2022-17415 · Nec · Univerge Wa 2611-Ap+8

Published

2022-03-11

Updated

2022-03-22

CVE-2022-25621

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions UNIVERGE WA 1020 versions 8.2.11 and prior UNIVERGE WA 1510 versions 8.2.11 and prior UNIVERGE WA 1511 versions 8.2.11 and prior UNIVERGE WA 1512 versions 8.2.11 and prior UNIVERGE WA 2020 versions 8.2.11 and prior UNIVERGE WA 2021 versions 8.2.11 and prior UNIVERGE WA 2610-AP versions 8.2.11 and prior UNIVERGE WA 2611-AP versions 8.2.11 and prior UNIVERGE WA 2611E-AP versions 8.2.11 and prior UNIVERGE WA 2612-AP versions 8.2.11 and prior

Description The issue allows a remote attacker to execute arbitrary OS commands.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2022-25621

Affected Products

Univerge Wa 1020

Univerge Wa 1510

Univerge Wa 1511

Univerge Wa 1512

Univerge Wa 2020

Univerge Wa 2021

Univerge Wa 2610-Ap

Univerge Wa 2611-Ap

Univerge Wa 2612-Ap

PT-2022-17415 · Nec · Univerge Wa 2611-Ap+8

CVE-2022-25621

Weakness Enumeration

Related Identifiers

Affected Products

References · 4