CVE-2022-23332
HIGHShenzhen Ejoin ACOM508/ACOM516/ACOM532 < 508-609-900-241-100-020/532-609-915-041-100-020 RCE via Ping Form
Title source: llmDescription
Command injection vulnerability in Manual Ping Form (Web UI) in Shenzhen Ejoin Information Technology Co., Ltd. ACOM508/ACOM516/ACOM532 609-915-041-100-020 allows a remote attacker to inject arbitrary code via the field.
References (3)
Core 3
Core References
Vendor Advisory x_refsource_misc
http://en.ejointech.com/
Exploit, Third Party Advisory x_refsource_misc
https://drive.google.com/drive/folders/1QRs6wos3mL9289TTUm98n5OmgBVrbYTx
Exploit, Third Party Advisory x_refsource_misc
https://github.com/kyl3song/CVE/tree/main/CVE-2022-23332
Scores
CVSS v3
8.8
EPSS
0.0517
EPSS Percentile
91.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-94
Status
published
Products (3)
ejointech/acom508_firmware
< 508-609-900-241-100-020
ejointech/acom516_firmware
ejointech/acom532_firmware
< 532-609-915-041-100-020
Published
May 09, 2022
Tracked Since
Feb 18, 2026