PT-2022-4873 · Quectel · Quectel Em05-Ce
Published
2022-09-13
·
Updated
2022-09-15
·
CVE-2022-40283
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Quectel EM05-CE wireless network adapter versions (affected versions not specified)
Description
The issue is related to the microprogram software of Quectel EM05-CE wireless network adapters in Lenovo laptops, which fails to neutralize special elements used in an operating system command. This could allow an attacker to execute arbitrary commands by sending specially crafted requests.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
OS Command Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Quectel Em05-Ce