CVE-2022-36310 : AIRSPAN AIRVELOCITY 1500 PRIOR 15.18.00.2511 SNMPD INHERENTLY DANGEROUS FUNCTION

Description

Airspan AirVelocity 1500 software prior to version 15.18.00.2511 had NET-SNMP-EXTEND-MIB enabled on its snmpd service, enabling an attacker with SNMP write abilities to execute commands as root on the eNodeB. This issue may affect other AirVelocity and AirSpeed models.

References

https://helpdesk.airspan.com/browse/TRN3-1689

https://github.com/metaredteam/external-disclosures/security/advisories/GHSA-whc6-2989-42xm

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

CVE-2022-39266 : ISOLATED-VM UP TO 4.3.6 API PROTECTION MECHANISM

Description isolated-vm is a library for nodejs which gives the user access to v8’s Isolate interface. In versions 4.3.6 and

CVE-2022-34424 : DELL OS10 10.5.1.X/10.5.2.X/10.5.3.X OUT-OF-BOUNDS WRITE

CVE-2022-34424 : DELL OS10 10.5.1.X/10.5.2.X/10.5.3.X OUT-OF-BOUNDS WRITE

Description Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system

CVE-2022-41604 : CHECK POINT ZONEALARM EXTREME SECURITY PRIOR 15.8.211.19229 UPDATES PERMISSION

CVE-2022-41604 : CHECK POINT ZONEALARM EXTREME SECURITY PRIOR 15.8.211.19229 UPDATES PERMISSION

Description Check Point ZoneAlarm Extreme Security before 15.8.211.19229 allows local users to escalate privileges. This occurs because of weak permissions