CVE-2022-32203

There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220601-01-6b47c6b6-en	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:huawei:cv81-wdm_firmware:01.70.49.29.46:*:*:*:*:*:*:*

cpe:2.3:h:huawei:cv81-wdm:-:*:*:*:*:*:*:*

History

10 Jan 2025, 21:21

Type	Values Removed	Values Added
References	~~() https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220601-01-6b47c6b6-en -~~	() https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220601-01-6b47c6b6-en - Vendor Advisory
CPE		cpe:2.3:h:huawei:cv81-wdm:-:::::::* cpe:2.3:o:huawei:cv81-wdm_firmware:01.70.49.29.46:::::::*
Summary		(es) Existe una vulnerabilidad de inyección de comandos en el producto de impresora de terminal Huawei. Si se explota con éxito, se podrían obtener los privilegios más altos de la impresora. (ID de vulnerabilidad: HWPSIRT-2022-51773) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposición común (CVE): CVE-2022-32203.
First Time		Huawei cv81-wdm Huawei cv81-wdm Firmware Huawei

20 Dec 2024, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-12-20 03:15

Updated : 2025-01-10 21:21

NVD link : CVE-2022-32203

Mitre link : CVE-2022-32203

CVE.ORG link : CVE-2022-32203

JSON object : View

Products Affected

huawei

cv81-wdm_firmware
cv81-wdm

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

{"id": "CVE-2022-32203", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@huawei.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2024-12-20T03:15:05.967", "references": [{"url": "https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20220601-01-6b47c6b6-en", "tags": ["Vendor Advisory"], "source": "psirt@huawei.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "psirt@huawei.com", "description": [{"lang": "en", "value": "CWE-77"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "There is a command injection vulnerability in Huawei terminal printer product. Successful exploitation could result in the highest privileges of the printer. (Vulnerability ID: HWPSIRT-2022-51773)\n\nThis vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32203."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en el producto de impresora de terminal Huawei. Si se explota con \u00e9xito, se podr\u00edan obtener los privilegios m\u00e1s altos de la impresora. (ID de vulnerabilidad: HWPSIRT-2022-51773) A esta vulnerabilidad se le ha asignado un ID de vulnerabilidad y exposici\u00f3n com\u00fan (CVE): CVE-2022-32203."}], "lastModified": "2025-01-10T21:21:38.833", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:huawei:cv81-wdm_firmware:01.70.49.29.46:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F25F509-5AD1-4667-9FAB-0FEF8550FE88"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:huawei:cv81-wdm:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "08AA61FE-130C-494D-851A-0A18F2B5D057"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "psirt@huawei.com"}