CVE-2022-36429

HIGH Year: 2022
CVSS v3 Score
7.2
High
Weakness Type
CWE-912
View all →

Vulnerability Description

A command execution vulnerability exists in the ubus backend communications functionality of Netgear Orbi Satellite RBS750 4.6.8.5. A specially-crafted JSON object can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this vulnerability.

Related Vulnerabilities

CVE-2023-25183

HIGH
CVSS:7.2(High)

In Snap One OvrC Pro versions prior to 7.2, when logged into the superuser account, a new functionality appears that could allow users to execute arbitrary commands on the hub device.

CWE-9122023

CVE-2024-37994

MEDIUM
CVSS:7.1(High)

A vulnerability has been identified in SIMATIC Reader RF610R CMIIT (6GT2811-6BC10-2AA0) (All versions < V4.2), SIMATIC Reader RF610R ETSI (6GT2811-6BC10-0AA0) (All versions < V4.2), SIMATIC Reader RF6...

CWE-9122024

CVE-2024-22044

HIGH
CVSS:7.5(High)

A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet (3KC9000-8TL75) (All versions). Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-...

CWE-9122024

CVE-2025-0626

HIGH
CVSS:7.5(High)

The "monitor" binary in the firmware of the affected product attempts to mount to a hard-coded, routable IP address, bypassing existing device network settings to do so. The function also enables the ...

CWE-9122025

CVE-2025-0675

HIGH
CVSS:7.5(High)

Multiple Elber products suffer from an unauthenticated device configuration and client-side hidden functionality disclosure.

CWE-9122025

CVE-2022-1741

MEDIUM
CVSS:6.8(Medium)

The tested version of Dominion Voting Systems ImageCast X has a Terminal Emulator application which could be leveraged by an attacker to gain elevated privileges on a device and/or install malicious c...

CWE-9122022