CVE-2022-36557 - OpenCVE

Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Seiko-sol	Skybridge Mb-a110 Skybridge Mb-a100 Skybridge Mb-a110 Firmware Skybridge Mb-a100 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*

References

Link	Resource
https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54	Broken Link
https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/	Product Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-29T22:46:20

Updated: 2022-08-29T22:46:20

Reserved: 2022-07-25T00:00:00

Link: CVE-2022-36557

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-29T23:15:08.520

Modified: 2022-09-02T19:01:10.027

Link: CVE-2022-36557

JSON object: View

Redhat Information

No data.

CWE

CWE-434

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-29T22:46:20", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"}, {"tags": ["x_refsource_MISC"], "url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-36557", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54", "refsource": "MISC", "url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"}, {"name": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/", "refsource": "MISC", "url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-36557", "datePublished": "2022-08-29T22:46:20", "dateReserved": "2022-07-25T00:00:00", "dateUpdated": "2022-08-29T22:46:20", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a100_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD96E423-1212-411C-BC8D-78F3A3B6C27A", "versionEndIncluding": "4.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a100:-:*:*:*:*:*:*:*", "matchCriteriaId": "F1C62FA9-2A2F-4A29-95C7-3797623E9932", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:seiko-sol:skybridge_mb-a110_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B4E6633-A672-41D8-8BC7-8374EF2F59DC", "versionEndIncluding": "4.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:seiko-sol:skybridge_mb-a110:-:*:*:*:*:*:*:*", "matchCriteriaId": "29D834FA-153B-4E9C-B88D-84BB86F3410C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file."}, {"lang": "es", "value": "Seiko SkyBridge MB-A100/A110 versiones v4.2.0 y anteriores, se ha detectado que contiene una vulnerabilidad de carga de archivos arbitrarios por medio de la funci\u00f3n restore backup. Esta vulnerabilidad permite a atacantes ejecutar c\u00f3digo arbitrario por medio de un archivo html dise\u00f1ado"}], "id": "CVE-2022-36557", "lastModified": "2022-09-02T19:01:10.027", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-29T23:15:08.520", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link"], "url": "https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54"}, {"source": "cve@mitre.org", "tags": ["Product", "Vendor Advisory"], "url": "https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}