CVE-2022-36267

CRITICAL EXPLOITED IN THE WILD

Airspan AirSpot 5410 <0.3.4.1-4 - Command Injection

Title source: llm

Description

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists a Unauthenticated remote command injection vulnerability. The ping functionality can be called without user authentication when crafting a malicious http request by injecting code in one of the parameters allowing for remote code execution. This vulnerability is exploited via the binary file /home/www/cgi-bin/diagnostics.cgi that accepts unauthenticated requests and unsanitized data. As a result, a malicious actor can craft a specific request and interact remotely with the device.

Exploits (2)

exploitdb WORKING POC

by Samy Younsi · pythonremotelinux

https://www.exploit-db.com/exploits/51011

View Code ZIP pw:eip

nomisec WORKING POC 10 stars

by 0xNslabs · remote

https://github.com/0xNslabs/CVE-2022-36267-PoC

View Code ZIP pw:eip

References (3)

[Exploit, Third Party Advisory] http://packetstormsecurity.com/files/168047/AirSpot-5410-0.3.4.1-4-Remote-Command-Injection.html

[Exploit, Mitigation, Third Party Advisory] https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833

[Product, Third Party Advisory] https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf

Scores

CVSS v3 9.8

EPSS 0.7023

EPSS Percentile 98.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2023-02-15

InTheWild.io 2023-02-15

Status published

Products (1)

airspan/airspot_5410_firmware < 0.3.4.1-4

Published Aug 08, 2022

Tracked Since Feb 18, 2026