CVE-2022-33948 : HOME SPOT CUBE2 102 DHCP SERVER REPLY OS COMMAND INJECTION

Description

HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of data received from DHCP server. An adjacent attacker may execute an arbitrary OS command on the product if a malicious DHCP server is placed on the WAN side of the product.

References

https://jvn.jp/en/jp/JVN41017328/index.html

https://www.au.com/support/service/mobile/guide/wlan/home_spot_cube_2/

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-28751 : ZOOM CLIENT FOR MEETINGS UP TO 5.11.2 ON MACOS PACKAGE SIGNATURE VERIFICATION

CVE-2022-28751 : ZOOM CLIENT FOR MEETINGS UP TO 5.11.2 ON MACOS PACKAGE SIGNATURE VERIFICATION

Description The Zoom Client for Meetings for MacOS (Standard and for IT Admin) before version 5.11.3 contains a vulnerability in

CVE-2022-1401 : DEVICE42 ASSET MANAGEMENT APPLIANCE PRIOR 18.01.00 WRIMAGERESOURCE.ADX ACCESS CONTROL

CVE-2022-1401 : DEVICE42 ASSET MANAGEMENT APPLIANCE PRIOR 18.01.00 WRIMAGERESOURCE.ADX ACCESS CONTROL

Description Improper Access Control vulnerability in the /Exago/WrImageResource.adx route as used in Device42 Asset Management Appliance allows an unauthenticated attacker

CVE-2022-36310 : AIRSPAN AIRVELOCITY 1500 PRIOR 15.18.00.2511 SNMPD INHERENTLY DANGEROUS FUNCTION

CVE-2022-36310 : AIRSPAN AIRVELOCITY 1500 PRIOR 15.18.00.2511 SNMPD INHERENTLY DANGEROUS FUNCTION

Description Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with