MidnightBSD

Advisories for advice

CVE-2022-36779

PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301

CVSS 3.x

Source Score Severity Vector Exploitability Impact
cna@cyber.gov.il 6.5 MEDIUM CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L 2.3 3.7
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
proscend m350-5g_firmware *
proscend m350-6_firmware *
proscend m301-g_firmware *
proscend m350-w6_firmware *
proscend m330-w5_firmware *
advice icr_111wg_firmware *
proscend m330-w_firmware *
proscend m350-w5g_firmware *
proscend m301-gw_firmware *