CVE-2022-4002

A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially crafted API request.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:motorola:q14_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:motorola:q14:-:*:*:*:*:*:*:*

History

13 Aug 2024, 15:23

Type Values Removed Values Added
First Time Motorola q14
Motorola
Motorola q14 Firmware
CPE cpe:2.3:h:motorola:q14:-:*:*:*:*:*:*:*
cpe:2.3:o:motorola:q14_firmware:*:*:*:*:*:*:*:*
References () https://en-us.support.motorola.com/app/answers/detail/a_id/176952/~/motorola-q14-mesh-router-vulnerabilities - () https://en-us.support.motorola.com/app/answers/detail/a_id/176952/~/motorola-q14-mesh-router-vulnerabilities - Vendor Advisory
CWE CWE-77

01 Aug 2024, 12:42

Type Values Removed Values Added
Summary
  • (es) Una vulnerabilidad de inyección de comandos podría permitir a un usuario autenticado ejecutar comandos del sistema operativo como root a través de una solicitud API especialmente manipulada.

31 Jul 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-07-31 21:15

Updated : 2024-08-13 15:23


NVD link : CVE-2022-4002

Mitre link : CVE-2022-4002

CVE.ORG link : CVE-2022-4002


JSON object : View

Products Affected

motorola

  • q14
  • q14_firmware
CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CWE-287

Improper Authentication