CVE-2022-36779

Published Sep 13, 2022

Last updated 2 years ago

CVSS critical 9.8

Overview

Description: PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301
Source: cna@cyber.gov.il
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

nvd@nist.gov: CWE-78

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m330-w_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2EC72D70-E5BE-4A3B-9DC6-59EC64EDA432",
            "versionEndExcluding": "1.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m330-w:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "97FA2A2C-DAAB-496B-8990-A7BDC5D18797"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m330-w5_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7521F07F-63C6-4129-98D4-00EAD78355E6",
            "versionEndExcluding": "1.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m330-w5:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F461483B-16BA-4FA6-A0B1-63B72437BEB1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m350-5g_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4DACEED6-7AA2-4DA5-B38A-E4A18AC86325",
            "versionEndExcluding": "1.02"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m350-5g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "12B8B8DB-A84E-4D5B-8D02-6E80B40BAD21"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m350-w5g_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "47A4A069-6F97-4B87-84C0-8D50A7439843",
            "versionEndExcluding": "1.02"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m350-w5g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BF36D4F0-CB96-47D6-B682-19FF835A4A4D"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m350-6_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3059ACFE-A49B-415A-9471-DC52C5732598",
            "versionEndExcluding": "1.02"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m350-6:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E270B250-141D-4A29-AD27-C71EE0FE56EC"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m350-w6_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C419E1A2-260C-49AB-BA93-38D0B1B423CE",
            "versionEndExcluding": "1.02"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m350-w6:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "FB098DC2-765E-4E4E-B94A-685AF2976C57"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m301-g_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "912A01F1-4317-4850-9279-618CB2ABED03",
            "versionEndExcluding": "2.20"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m301-g:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3566DAC8-4B3F-4107-90F5-AF917B68579E"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:proscend:m301-gw_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "737ABAFE-0B22-4A6A-9807-BBB9A21E99C3",
            "versionEndExcluding": "2.20"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:proscend:m301-gw:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D4963355-5F5C-4426-AE33-3E8E19FE6824"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:advice:icr_111wg_firmware:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B472B997-58B9-48BC-B113-9B7E8E17DE0A",
            "versionEndExcluding": "1.11"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:advice:icr_111wg:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "72EDB46C-B152-4B42-A240-1341B52C7BB1"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References