CVE-2022-32203

There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220601-01-6b47c6b6-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:cv81-wdm_firmware:01.70.49.29.46:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cv81-wdm:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2024-12-20 03:15

Updated : 2025-01-10 21:21

NVD link : CVE-2022-32203

Mitre link : CVE-2022-32203

CVE.ORG link : CVE-2022-32203

JSON object : View

Products Affected

huawei

cv81-wdm_firmware
cv81-wdm

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

{"id": "CVE-2022-32203", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-12-20T03:15:05.967", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220601-01-6b47c6b6-en", "tags": ["Vendor Advisory"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-77"}]}, {"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el producto de impresora de terminal Huawei. Si se explota con \u00e9xito, se podr\u00edan obtener los privilegios m\u00e1s altos de la impresora. (ID de vulnerabilidad: HWPSIRT-2022-51773) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2022-32203."}], "lastModified": "2025-01-10T21:21:38.833", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cv81-wdm_firmware:01.70.49.29.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F25F509-5AD1-4667-9FAB-0FEF8550FE88"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cv81-wdm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08AA61FE-130C-494D-851A-0A18F2B5D057"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "[email protected]"}