CVE-2022-4982

DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC.

CVSS

No CVSS.

References

Link	Resource
http://www.dbltek.com/
https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/
https://www.exploit-db.com/exploits/50775
https://www.vulncheck.com/advisories/dbltek-goip-unauthenticated-lfi
https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/
https://www.exploit-db.com/exploits/50775

Configurations

No configuration.

History

13 Nov 2025, 15:15

Type	Values Removed	Values Added
References	~~() https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/ -~~	() https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/ -
References	~~() https://www.exploit-db.com/exploits/50775 -~~	() https://www.exploit-db.com/exploits/50775 -

12 Nov 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-11-12 22:15

Updated : 2025-11-14 16:42

NVD link : CVE-2022-4982

Mitre link : CVE-2022-4982

CVE.ORG link : CVE-2022-4982

JSON object : View

Products Affected

No product.

CWE

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-98

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')

{"id": "CVE-2022-4982", "cveTags": [], "metrics": {"cvssMetricV40": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-11-12T22:15:42.187", "references": [{"url": "http://www.dbltek.com/", "source": "[email protected]"}, {"url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/50775", "source": "[email protected]"}, {"url": "https://www.vulncheck.com/advisories/dbltek-goip-unauthenticated-lfi", "source": "[email protected]"}, {"url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}, {"url": "https://www.exploit-db.com/exploits/50775", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-98"}]}], "descriptions": [{"lang": "en", "value": "DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC."}], "lastModified": "2025-11-14T16:42:30.503", "sourceIdentifier": "[email protected]"}