Search
Find a vulnerability
Search criteria
2 vulnerabilities found for og410xi_firmware by ntt-east
CVE-2022-22986 (GCVE-0-2022-22986)
Vulnerability from nvd – Published: 2022-03-31 07:20 – Updated: 2024-08-03 03:28
VLAI
Summary
Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file.
Severity
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://business.ntt-east.co.jp/topics/2022/03_22.html | x_refsource_MISC |
| https://www.ntt-west.co.jp/smb/kiki_info/info/220… | x_refsource_MISC |
| https://jvn.jp/en/vu/JVNVU94900322/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION (NTT East) and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION (NTT West) | Netcommunity OG410X and OG810X series |
Affected:
Netcommunity OG410Xa, OG410Xi, OG810Xa and OG810Xi firmware Ver.2.28 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://business.ntt-east.co.jp/topics/2022/03_22.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU94900322/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netcommunity OG410X and OG810X series",
"vendor": "NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION (NTT East) and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION (NTT West)",
"versions": [
{
"status": "affected",
"version": "Netcommunity OG410Xa, OG410Xi, OG810Xa and OG810Xi firmware Ver.2.28 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-31T07:20:41.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://business.ntt-east.co.jp/topics/2022/03_22.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU94900322/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-22986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Netcommunity OG410X and OG810X series",
"version": {
"version_data": [
{
"version_value": "Netcommunity OG410Xa, OG410Xi, OG810Xa and OG810Xi firmware Ver.2.28 and earlier"
}
]
}
}
]
},
"vendor_name": "NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION (NTT East) and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION (NTT West)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://business.ntt-east.co.jp/topics/2022/03_22.html",
"refsource": "MISC",
"url": "https://business.ntt-east.co.jp/topics/2022/03_22.html"
},
{
"name": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html",
"refsource": "MISC",
"url": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html"
},
{
"name": "https://jvn.jp/en/vu/JVNVU94900322/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU94900322/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-22986",
"datePublished": "2022-03-31T07:20:41.000Z",
"dateReserved": "2022-02-02T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:28:42.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-22986 (GCVE-0-2022-22986)
Vulnerability from cvelistv5 – Published: 2022-03-31 07:20 – Updated: 2024-08-03 03:28
VLAI
Summary
Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file.
Severity
No CVSS data available.
CWE
- OS Command Injection
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://business.ntt-east.co.jp/topics/2022/03_22.html | x_refsource_MISC |
| https://www.ntt-west.co.jp/smb/kiki_info/info/220… | x_refsource_MISC |
| https://jvn.jp/en/vu/JVNVU94900322/index.html | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION (NTT East) and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION (NTT West) | Netcommunity OG410X and OG810X series |
Affected:
Netcommunity OG410Xa, OG410Xi, OG810Xa and OG810Xi firmware Ver.2.28 and earlier
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T03:28:42.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://business.ntt-east.co.jp/topics/2022/03_22.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://jvn.jp/en/vu/JVNVU94900322/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Netcommunity OG410X and OG810X series",
"vendor": "NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION (NTT East) and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION (NTT West)",
"versions": [
{
"status": "affected",
"version": "Netcommunity OG410Xa, OG410Xi, OG810Xa and OG810Xi firmware Ver.2.28 and earlier"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "OS Command Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-31T07:20:41.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://business.ntt-east.co.jp/topics/2022/03_22.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://jvn.jp/en/vu/JVNVU94900322/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2022-22986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Netcommunity OG410X and OG810X series",
"version": {
"version_data": [
{
"version_value": "Netcommunity OG410Xa, OG410Xi, OG810Xa and OG810Xi firmware Ver.2.28 and earlier"
}
]
}
}
]
},
"vendor_name": "NIPPON TELEGRAPH AND TELEPHONE EAST CORPORATION (NTT East) and NIPPON TELEGRAPH AND TELEPHONE WEST CORPORATION (NTT West)"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi firmware Ver.2.28 and earlier) allow an attacker on the adjacent network to execute an arbitrary OS command via a specially crafted config file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://business.ntt-east.co.jp/topics/2022/03_22.html",
"refsource": "MISC",
"url": "https://business.ntt-east.co.jp/topics/2022/03_22.html"
},
{
"name": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html",
"refsource": "MISC",
"url": "https://www.ntt-west.co.jp/smb/kiki_info/info/220322.html"
},
{
"name": "https://jvn.jp/en/vu/JVNVU94900322/index.html",
"refsource": "MISC",
"url": "https://jvn.jp/en/vu/JVNVU94900322/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2022-22986",
"datePublished": "2022-03-31T07:20:41.000Z",
"dateReserved": "2022-02-02T00:00:00.000Z",
"dateUpdated": "2024-08-03T03:28:42.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}