CVE-2022-36553

CRITICAL EXPLOITED NUCLEI

Hytec Inter HWL-2511-SS <v1.05 - Command Injection

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2022-36553 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including 0xNslabs. A Nuclei detection template is also available.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2022-36553, an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS devices. The exploit sends a crafted payload to the device's web interface to execute a reverse shell.

Description

Hytec Inter HWL-2511-SS v1.05 and below was discovered to contain a command injection vulnerability via the component /www/cgi-bin/popen.cgi.

Exploits (1)

nomisec WORKING POC 6 stars
by 0xNslabs · remote
https://github.com/0xNslabs/CVE-2022-36553-PoC

This repository contains a functional exploit for CVE-2022-36553, an unauthenticated remote command injection vulnerability in Hytec Inter HWL-2511-SS devices. The exploit sends a crafted payload to the device's web interface to execute a reverse shell.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: Hytec Inter HWL-2511-SS version 1.05 and under
No auth needed
Prerequisites: Network access to the target device · Target device must be running a vulnerable version of HWL-2511-SS
devstral-2 · analyzed Feb 18, 2026 Full analysis →

Nuclei Templates (1)

Hytec Inter HWL-2511-SS - Remote Command Execution
CRITICALVERIFIEDby HuTa0
FOFA: title="index" && header="lighttpd/1.4.30"

References (3)

Core 3

Scores

CVSS v3 9.8
EPSS 0.8931
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2024-01-21
CWE
CWE-77
Status published
Products (1)
hytec/hwl-2511-ss_firmware < 1.05
Published Aug 29, 2022
Tracked Since Feb 18, 2026