CVE-2022-48472

CRITICAL

Huawei BiSheng-WNM Firmware - OS Command Injection

Title source: llm

Description

A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. Affected product versions include:BiSheng-WNM versions OTA-BiSheng-FW-2.0.0.211-beta,BiSheng-WNM FW 3.0.0.325,BiSheng-WNM FW 2.0.0.211.

References (1)

Core 1

Core References

Vendor Advisory

https://www.huawei.com/en/psirt/security-advisories/2023/huawei-sa-sciviahpp-6bcddec5-en

Scores

CVSS v3 9.8

EPSS 0.0280

EPSS Percentile 86.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-78

Status published

Products (3)

huawei/bisheng-wnm_firmware 2.0.0.211

huawei/bisheng-wnm_firmware 3.0.0.325

huawei/ota-bisheng_firmware 2.0.0.211 beta

Published Jun 16, 2023

Tracked Since Feb 18, 2026