CVE-2022-45714

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions IP-COM M50 version 15.11.0.33(10768)

Description A buffer overflow issue was discovered via the indexSet parameter in the formQOSRuleDel function. This issue can potentially be exploited, although specific details about the estimated number of affected devices or real-world incidents are not provided.

Recommendations For IP-COM M50 version 15.11.0.33(10768), consider restricting access to the formQOSRuleDel function until a patch is available. As a temporary workaround, avoid using the indexSet parameter in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2022-45714

Affected Products

Ip-Com M50

CVE-2022-45714

Weakness Enumeration

Related Identifiers

Affected Products

References · 6