PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated OS Command Injection Proscend M330-w / M33-W5 / M350-5G / M350-W5G / M350-6 / M350-W6 / M301-G / M301-GW ADVICE ICR 111WG / https://www.proscend.com/en/category/industrial-Cellular-Router/industrial-Cellular-Router.html https://cdn.shopify.com/s/files/1/0036/9413/3297/files/ADVICE_Industrial_4G_LTE_Cellular_Router_ICR111WG.pdf?v=1620814301

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.23075.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions
PROSCEND PROSCEND M330-w / M330-W5 affected
Version Status Constraints
V1.11 affected < V1.11*
PROSCEND PROSCEND M350-5G / M350-W5G / M350-6 / M350-W6 affected
Version Status Constraints
V1.02 affected < V1.02*
PROSCEND PROSCEND M301-G / M301-GW affected
Version Status Constraints
V2.20 affected < V2.20*
PROSCEND ADVICE ICR 111WG affected
Version Status Constraints
V1.11 affected < V1.11*

Configuration 1 [-]

AND
cpe:2.3:o:proscend:m330-w_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m330-w:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:proscend:m330-w5_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m330-w5:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:proscend:m350-5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m350-5g:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:proscend:m350-w5g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m350-w5g:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:proscend:m350-6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m350-6:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:proscend:m350-w6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m350-w6:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:proscend:m301-g_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m301-g:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
cpe:2.3:o:proscend:m301-gw_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:proscend:m301-gw:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:advice:icr_111wg_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:advice:icr_111wg:-:*:*:*:*:*:*:*

No data.

No data.

Project Subscriptions

Vendors Products
Advice Subscribe
Icr 111wg Subscribe
Icr 111wg Firmware Subscribe
Proscend Subscribe
M301-g Subscribe
M301-g Firmware Subscribe
M301-gw Subscribe
M301-gw Firmware Subscribe
M330-w Subscribe
M330-w5 Subscribe
M330-w5 Firmware Subscribe
M330-w Firmware Subscribe
M350-5g Subscribe
M350-5g Firmware Subscribe
M350-6 Subscribe
M350-6 Firmware Subscribe
M350-w5g Subscribe
M350-w5g Firmware Subscribe
M350-w6 Subscribe
M350-w6 Firmware Subscribe
Advisories

No advisories yet.

Fixes

Solution

Update released for the following versions: Proscend M330-w / M330-W5 Plan to fix on V1.11 Proscend M350-5G / M350-W5G / M350-6 / M350-W6 Fixed on V1.02 Proscend M301-G / M301-GW Fixed on V2.20 ADVICE ICR 111WG / Plan to fix on V1.11

Workaround

No workaround given by the vendor.

References
Link Providers
https://www.gov.il/en/departments/faq/cve_advisories cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: INCD

Published:

Updated: 2024-09-16T16:33:09.230Z

Reserved: 2022-07-26T00:00:00

Link: CVE-2022-36779

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-09-13T15:15:08.610

Modified: 2024-11-21T07:13:41.300

Link: CVE-2022-36779

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses