{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-3086", "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "datePublished": "2022-11-29T00:00:00", "dateUpdated": "2022-12-07T23:34:24.434Z", "dateReserved": "2022-09-01T00:00:00"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "platforms": ["NetCloud OS (NCOS)"], "product": "IBR600 ", "vendor": "Cradlepoint", "versions": [{"lessThanOrEqual": "6.5.0.160bc2e", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "reporter", "user": "00000000-0000-4000-9000-000000000000", "value": "Uri Katz of Claroty Research reported these vulnerabilities to CISA."}], "datePublic": "2022-11-17T23:32:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\nCradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable \nto shell escape, which enables local attackers with non-superuser \ncredentials to gain full, unrestrictive shell access which may allow an \nattacker to execute arbitrary code.\n\n"}], "value": "Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable \nto shell escape, which enables local attackers with non-superuser \ncredentials to gain full, unrestrictive shell access which may allow an \nattacker to execute arbitrary code.\n\n"}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-77", "description": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert", "dateUpdated": "2022-12-07T23:34:24.434Z"}, "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-02"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "\n<p>Cradlepoint recommends users to update to at least version: </p>\n\n<ul><li>NCOS v7.22.70</li>\n</ul><p>NCOS release 7.1.0 and greater are no longer available for \nmanual or offline download and are performed via the NetCloud Manager, \nwhich requires a subscription. For more information and NCOS upgrade \nbest practices visit <a target=\"_blank\" rel=\"nofollow\" href=\"https://cradlepoint.com/products/netcloud-service/\">Cradlepoint Netcloud Service</a><span style=\"background-color: var(--wht);\">.</span></p>\n\n<p>For more information about the latest update, see the <a target=\"_blank\" rel=\"nofollow\" href=\"https://d2c9o94y5j661e.cloudfront.net/FW-ReleaseNotesNCOS7.22.70-050722.pdf\">Cradlepoint Release Notes</a><span style=\"background-color: var(--wht);\">.</span></p>"}], "value": "Cradlepoint recommends users to update to at least version: \n\n\n\n * NCOS v7.22.70\n\n\n\nNCOS release 7.1.0 and greater are no longer available for \nmanual or offline download and are performed via the NetCloud Manager, \nwhich requires a subscription. For more information and NCOS upgrade \nbest practices visit Cradlepoint Netcloud Service https://cradlepoint.com/products/netcloud-service/ .\n\n\n\nFor more information about the latest update, see the Cradlepoint Release Notes https://d2c9o94y5j661e.cloudfront.net/FW-ReleaseNotesNCOS7.22.70-050722.pdf .\n\n"}], "source": {"discovery": "UNKNOWN"}, "title": "Cradlepoint IBR600 Command Injection", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7D6EF904-345E-43FB-BBA7-B4BAA4214A46", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "E10983BA-E998-481E-A994-6D48DB986089", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-ct-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "52447718-73AB-40DB-B576-FFBC31F0FAB8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-ct-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9B306C0E-4807-4870-B836-7250F0A9F036", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-q-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "F6F0D7D9-FDE5-4EB4-9C21-2ECF89591320", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-q-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9F238A13-893F-426F-BF29-48DDE9AFE2BE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-t-ct-q-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "38BA48C0-B99D-41BF-BDDE-AFC366884A2D", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-t-ct-q-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DDBC0E20-0DA0-4724-B515-7FFBAF3FA2EC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-q-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "DBD5C0D4-F18D-4AC8-B9E4-30E512D0BD78", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-q-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "36C4FE9E-9767-45A8-A585-F1641746BFBB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8580-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "0A3DD9BB-5D69-4CDB-A942-5E81983EF6ED", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8580-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "8A766734-2683-439D-8814-C0989B082CEE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8540-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "57F35CCC-B7C4-4707-A743-C744D2CC70BA", "versionEndIncluding": "1.2", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8540-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9297DE42-0B5E-4BE4-9773-0583DA4CAB2D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8540-t-ct-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7AED57E6-C50B-4C29-B780-C87ECE75D885", "versionEndIncluding": "1.2", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8540-t-ct-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "848FF5D2-6EC9-43E4-8CDF-2EEAA20AEB3A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8540-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F818E8C-445E-409D-9ECC-FE0E25078D51", "versionEndIncluding": "1.2", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8540-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "25F11CDF-4D2A-4A85-B50D-A7754279BDD1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "88F0611D-16FB-4D67-BF72-8A699B74A122", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "08B660E3-EDC3-46F1-9B7C-27DF6C9361F3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-nw-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "CB8109CE-4B8B-4F18-9391-E0A41E043DD8", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-nw-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4B6C0056-578C-4429-8A1E-7638D5C1CCEB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-nw-t-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "13B14B96-CD23-4C02-8930-B1E0B630A06F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-nw-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "26D38C84-9329-4320-B435-9F29A48EA06D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8410a-t-lx_firmware:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "4D6BA840-B9E6-43FA-AB37-292D41DA6828", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8410a-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC2B1263-2F49-43BF-AE2A-631F252E2820", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8210-t-lx-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "932D7E88-2240-4911-AB0A-DEC2EDF7E4A6", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8210-t-lx-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "53104CD8-0DF4-46E5-87F1-B5810EB1B79E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AA04BED1-4FEB-462D-A5C7-E2019EC9B09D", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "D65808DD-2672-42D7-8544-8A9E0D1519E5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx-us-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9330358B-65D2-4688-B515-306E64B8712C", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx-us-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "726EC056-8BC7-4ACC-A6FF-7E7664859B03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx-eu-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2D62E4E9-6B28-4EF4-9628-F64CAF29676B", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx-eu-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "F5D493C8-E0E4-4C2B-8A95-66DB61BD7035", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8220-t-lx-ap-s_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0E8FFABB-6B68-43D6-8A96-83E0C6272148", "versionEndIncluding": "2.4", "versionStartIncluding": "1.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8220-t-lx-ap-s:-:*:*:*:*:*:*:*", "matchCriteriaId": "EDC404D8-D558-462F-898F-9CFE54330FD2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8112a-me-t-lx_firmware:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "AF220E22-4564-4BED-B656-CDEEB2C15916", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:uc-8112a-me-t-lx_firmware:1.1:*:*:*:*:*:*:*", "matchCriteriaId": "7AF3AC40-75B3-4955-9896-30A4CEBD9B37", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8112a-me-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "BC2F0871-28EA-4625-8389-E89A8D023A15", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8131-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3A0029F-3F54-45E8-A692-C4359D32C638", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:uc-8131-lx_firmware:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "4130112B-F894-46F0-98F5-3AD0654C6D77", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8131-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "A10928A2-9245-40DC-B8FD-41CCB35D22C5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8132-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4363C3E4-490D-4B7A-ACBE-69D30C1BB632", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:uc-8132-lx_firmware:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "7C44D70F-5079-436E-922B-82BB536A8C73", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8132-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C14FDB09-7888-4648-8E35-C1FA14EE7541", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8162-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "3B08DFFC-C86F-45CD-B42B-472DEE477FDC", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:uc-8162-lx_firmware:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "D73A2A3B-0EFB-4F3C-82ED-65F0F34589FE", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8162-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "732AEFCC-7231-4788-869B-25B9247E52FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-8112-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "266939EB-1BAF-4956-9E80-AE3E8D33079F", "vulnerable": true}, {"criteria": "cpe:2.3:o:moxa:uc-8112-lx_firmware:1.3:*:*:*:*:*:*:*", "matchCriteriaId": "0211D4E8-BE99-417E-B124-DC91F1F61C41", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-8112-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B7129CF3-628A-46C5-865B-9ADCC0658C03", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5101-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "60187707-601B-4C5F-A650-4622A8377917", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5101-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DEB51C37-B6B7-4D1B-B4A5-5A5CBC1DC0DE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5101-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "48FAD68E-A7ED-4217-ABAD-5B2311B47995", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5101-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "03DAAE8E-16DF-4046-9867-86105DB279AA", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5102-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "4E59C5D5-0000-460C-BDEC-33A03414BAD9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5102-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9C156071-5FA1-43EF-97CF-98385375D8B0", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5102-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F6D2831E-83C3-4B34-9611-41562214435C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5102-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "286A88C3-FD36-4241-8C48-A54332302050", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5111-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "98092E25-C6F3-4B4D-813C-9DAE24847B2A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5111-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "E555662F-D557-4337-B490-C53AF0B2A8C7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5111-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "CE66A6B2-1C39-4142-A844-F9498C517E29", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5111-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DACA16B7-CAD0-4362-916A-A3A85F09B3F2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5112-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "0E9EABBB-B08E-405A-AC9F-40B4F9A0B252", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5112-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FF9A229-827B-471B-859A-CF51BD469A64", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-5112-t-lx_firmware:1.2:*:*:*:*:*:*:*", "matchCriteriaId": "F9636961-2636-4894-8F0F-67DB2532A0DF", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-5112-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4F055724-0BEA-47A7-B8D3-5C5A7AFA5972", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3101-t-ap-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CCCA2B92-FEC5-4B32-8FE6-EBEC9FAE791A", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3101-t-ap-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3549908-B58E-4053-B3B6-709CAEF2E383", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3101-t-eu-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "07048618-0EC6-407B-AEF0-F44ED5229F2D", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3101-t-eu-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "0F011C44-45F4-4147-9237-793C81EDE740", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3101-t-us-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A1D9A016-00F0-4488-BCE7-A3BC89C7EE51", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3101-t-us-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4C1ECFC-BFAE-41FD-A281-CDF7D4F50308", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-ap-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E030D12F-012D-4CB3-999F-5BB869A4CFE0", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-ap-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "4969D5B4-7704-48C2-B6C6-43AAB4FD4609", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-ap-lx-nw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1E80201F-7EF4-43BC-8D43-49C3B5E0CD40", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-ap-lx-nw:-:*:*:*:*:*:*:*", "matchCriteriaId": "B63A3ADE-DFA0-4579-B3CA-4CCDADE0A00D", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-eu-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3E16F237-70FA-4856-882C-D5394BD9AA4B", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-eu-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "3827809F-C307-46E7-AE94-D108407B81FF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-eu-lx-nw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "20A7D0F9-ADF9-4598-A47D-AD0151B7C041", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-eu-lx-nw:-:*:*:*:*:*:*:*", "matchCriteriaId": "C400E9A7-C51B-476F-97B4-5B269A922231", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-us-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "0CA63341-F990-4A60-AD4B-538C2CC9E046", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-us-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B5EF2E7B-586A-42DD-A202-068CE7B3495E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3111-t-us-lx-nw_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "FD3A8DEA-536F-4F85-B686-2201CCF3B16A", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3111-t-us-lx-nw:-:*:*:*:*:*:*:*", "matchCriteriaId": "51BBEAAB-C051-46CC-A7B8-D48BA272775A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3121-t-ap-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0DBB564-6A91-471F-8494-ABEF4B997180", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3121-t-ap-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C2B57685-91FC-4125-9C30-5FDD8A049381", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3121-t-eu-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E5A011FC-7361-4D20-96E7-5AD06EB76960", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3121-t-eu-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "B249A63B-AC3E-4342-A7B8-4FF05B0ACC33", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-3121-t-us-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "3661F92D-3F5A-43E6-A7FA-57E25283CCCD", "versionEndIncluding": "2.0", "versionStartIncluding": "1.2", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-3121-t-us-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F22B234A-8AA0-4CB5-AF97-74320919DCF3", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2101-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "9476FEEA-D608-40B7-BAD8-D85E3A433114", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2101-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA09978A-2E63-4E29-A693-F0361951FCFF", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2102-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B3786680-F178-4ADC-8085-7DC198A7BDE7", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2102-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "053D848E-1BB1-4B91-A205-84F83FE57E8F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2104-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D451BCD-8067-4AA1-9ED4-FFFD37BB0B52", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2104-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "D7C374EE-E4C8-469F-BC45-E43F739D3D23", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2111-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8EFDF2E-D2B0-4FA5-9060-BC63A8792853", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2111-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "F85BA8C3-A65F-4B61-8A94-7B67D236919F", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2112-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "18404A5F-EF72-4236-B9E0-3BF3EE861B3E", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2112-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "C653CF9A-080A-48B1-81F2-B72D2B4A1504", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2114-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDCA0FFC-B0DD-4BED-A39C-6C579F3648A3", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2114-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9862617F-C1E4-4437-98E5-3A9322572C2E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2114-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "CDCA0FFC-B0DD-4BED-A39C-6C579F3648A3", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2114-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "9862617F-C1E4-4437-98E5-3A9322572C2E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:moxa:uc-2116-t-lx_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "49F8203C-B1C6-4175-90B0-C3589DB36C25", "versionEndIncluding": "1.5", "versionStartIncluding": "1.3", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:moxa:uc-2116-t-lx:-:*:*:*:*:*:*:*", "matchCriteriaId": "EC3535DE-C643-4BB0-A9A4-6B7641570BC1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable \nto shell escape, which enables local attackers with non-superuser \ncredentials to gain full, unrestrictive shell access which may allow an \nattacker to execute arbitrary code.\n\n"}, {"lang": "es", "value": "Cradlepoint IBR600 NCOS versiones 6.5.0.160bc2e y anteriores son vulnerables al escape del shell, lo que permite a atacantes locales con credenciales que no sean de superusuario obtener acceso completo y sin restricciones al shell, lo que puede permitir a un atacante ejecutar c\u00f3digo arbitrario."}], "id": "CVE-2022-3086", "lastModified": "2023-11-07T03:50:46.100", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "PHYSICAL", "availabilityImpact": "HIGH", "baseScore": 7.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.9, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.2, "source": "ics-cert@hq.dhs.gov", "type": "Secondary"}]}, "published": "2022-12-02T20:15:13.767", "references": [{"source": "ics-cert@hq.dhs.gov", "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-321-02"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-77"}], "source": "ics-cert@hq.dhs.gov", "type": "Primary"}]}

{}