CVE-2022-38452

HIGH Year: 2022
CVSS v3 Score
8.8
High
Weakness Type
CWE-912
View all →

Vulnerability Description

A command execution vulnerability exists in the hidden telnet service functionality of Netgear Orbi Router RBR750 4.6.8.5. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.

Related Vulnerabilities

CVE-2021-4229

HIGH
CVSS:8.8(High)

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0....

CWE-9122021

CVE-2023-40158

HIGH
CVSS:8.8(High)

Hidden functionality vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versi...

CWE-9122023

CVE-2024-45696

HIGH
CVSS:8.8(High)

Certain models of D-Link wireless routers contain hidden functionality. By sending specific packets to the web service, the attacker can forcibly enable the telnet service and log in using hard-coded ...

CWE-9122024

CVE-2024-47001

HIGH
CVSS:8.8(High)

Hidden functionality issue in multiple digital video recorders provided by TAKENAKA ENGINEERING CO., LTD. allows a remote authenticated attacker to execute an arbitrary OS command on the device or alt...

CWE-9122024

CVE-2024-10773

CRITICAL
CVSS:9.0(Critical)

The product is vulnerable to pass-the-hash attacks in combination with hardcoded credentials of hidden user levels. This means that an attacker can log in with the hidden user levels and gain full acc...

CWE-9122024

CVE-2022-3843

CRITICAL
CVSS:9.1(Critical)

In WAGO Unmanaged Switch (852-111/000-001) in firmware version 01 an undocumented configuration interface without authorization allows an remote attacker to read system information and configure a lim...

CWE-9122022