CVE-2022-4221 - OpenCVE

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Asus	Nas-m25 Nas-m25 Firmware

Configuration 1 [-]

AND

cpe:2.3:o:asus:nas-m25_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:asus:nas-m25:-:*:*:*:*:*:*:*

References

Link	Resource
https://onekey.com/blog/security-advisory-asus-m25-nas-vulnerability/	Exploit Technical Description Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: ONEKEY

Published: 2022-12-01T09:26:48.459Z

Updated:

Reserved: 2022-11-30T00:08:16.735Z

Link: CVE-2022-4221

JSON object: View

NVD Information

Status : Modified

Published: 2022-12-01T10:15:09.863

Modified: 2023-11-07T03:57:13.937

Link: CVE-2022-4221

JSON object: View

Redhat Information

No data.

CWE

CWE-78

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2022-4221", "assignerOrgId": "2d533b80-6e4a-4e20-93e2-171235122846", "state": "PUBLISHED", "assignerShortName": "ONEKEY", "requesterUserId": "995fc484-d492-4a15-aa23-2c0525a3aa21", "dateReserved": "2022-11-30T00:08:16.735Z", "datePublished": "2022-12-01T09:26:48.459Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "NAS-M25", "vendor": "Asus", "versions": [{"lessThanOrEqual": "1.0.1.7", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Q. Kaiser, ONEKEY Research Lab"}, {"lang": "en", "type": "tool", "user": "00000000-0000-4000-9000-000000000000", "value": "ONEKEY analysis platform"}], "datePublic": "2022-12-01T09:30:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.<p>This issue affects NAS-M25: through 1.0.1.7.</p>"}], "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.\n\n"}], "impacts": [{"capecId": "CAPEC-88", "descriptions": [{"lang": "en", "value": "CAPEC-88 OS Command Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-78", "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "2d533b80-6e4a-4e20-93e2-171235122846", "shortName": "ONEKEY", "dateUpdated": "2022-12-01T09:26:48.459Z"}, "references": [{"url": "https://onekey.com/blog/security-advisory-asus-m25-nas-vulnerability/"}], "source": {"discovery": "UNKNOWN"}, "title": "OS command injection in ASUS M25 NAS", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:nas-m25_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C378BD92-0E87-4854-8798-1BEEF58E9A6E", "versionEndIncluding": "1.0.1.7", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:nas-m25:-:*:*:*:*:*:*:*", "matchCriteriaId": "5A3EA751-D58E-4F6B-B29C-5C842365B5F5", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Asus NAS-M25 allows an unauthenticated attacker to inject arbitrary OS commands via unsanitized cookie values.This issue affects NAS-M25: through 1.0.1.7.\n\n"}, {"lang": "es", "value": "La neutralizaci\u00f3n inadecuada de elementos especiales utilizados en una vulnerabilidad de comando del Sistema Operativo ('inyecci\u00f3n de comando del Sistema Operativo') en Asus NAS-M25 permite que un atacante no autenticado inyecte comandos del Sistema Operativo arbitrarios a trav\u00e9s de valores de cookies no sanitizados. Este problema afecta a NAS-M25: hasta 1.0.1.7."}], "id": "CVE-2022-4221", "lastModified": "2023-11-07T03:57:13.937", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "research@onekey.com", "type": "Secondary"}]}, "published": "2022-12-01T10:15:09.863", "references": [{"source": "research@onekey.com", "tags": ["Exploit", "Technical Description", "Third Party Advisory"], "url": "https://onekey.com/blog/security-advisory-asus-m25-nas-vulnerability/"}], "sourceIdentifier": "research@onekey.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-78"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-78"}], "source": "research@onekey.com", "type": "Secondary"}]}