CVE-2022-43553

High

A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account…

hackerone·CWE-250·Published 2022-12-05

CVSS

8.8

EPSS

0.01

KEV

Exploits

cve.orgen

244 chars

A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.

NVDen

244 chars

NVDes

283 chars

Una vulnerabilidad de ejecución remota de código en EdgeRouters (Versión 2.0.9-hotfix.4 y anteriores) permite que un actor malicioso con una cuenta de operador ejecute comandos de administrador arbitrarios. Esta vulnerabilidad se solucionó en la Versión 2.0.9-hotfix.5 y posteriores.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	8.8	—	—	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	NVD	8.8	2.8	5.9	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H