CVE-2020-22007

MEDIUM

OKER G955V1 v1.03.02.20161128 - OS Command Injection via Boot Sequence Interruption

Title source: llm
STIX 2.1

Description

OS Command Injection vulnerability in OKER G955V1 v1.03.02.20161128, allows physical attackers to interrupt the boot sequence and execute arbitrary commands with root privileges.

Scores

CVSS v3 6.8
EPSS 0.0225
EPSS Percentile 80.8%
Attack Vector PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-862
Status published
Products (1)
okerthai/g955v1_firmware 1.03.02.20161128
Published Jan 18, 2023
Tracked Since Feb 18, 2026