CVE & CISA-KEV Catalog

CVE-2022-29516

CRITICALEPSS 78th pctl
9.8
CVSS v3
NVD

Description

The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.

How to fix

Remediation Available
ipcom ex2 dc 3200 firmwareNVD
Affected:< v02l21_nf0201Fixed in:v02l21_nf0201CVE-2022-29516derived from NVD
ipcom ex2 dc 3500 firmwareNVD
Affected:< v02l21_nf0201Fixed in:v02l21_nf0201CVE-2022-29516derived from NVD
ipcom ex2 in 1100 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 in 3200 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 in 3500 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 lb 1100 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 lb 3200 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 lb 3500 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 nw 1100 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 nw 3200 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 nw 3500 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 sc 1100 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 sc 3200 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex2 sc 3500 firmwareNVD
Affected:< v01l05_nf0501Fixed in:v01l05_nf0501CVE-2022-29516derived from NVD
ipcom ex in 2300 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex in 2500 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex in 2700 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex lb 1100 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex lb 1300 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex lb 2300 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex lb 2500 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex lb 2700 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex nw 1100 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex nw 1300 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex nw 2300 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex nw 2500 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex nw 2700 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex sc 1100 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex sc 1300 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex sc 2300 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex sc 2500 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ex sc 2700 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls 100 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls 200 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls 220 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls plus2 200 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls plus2 220 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls plus 100 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls plus 200 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 ls plus 220 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 sc 100 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 sc 200 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 sc 220 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 sc plus 100 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 sc plus 200 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD
ipcom ve2 sc plus 220 firmwareNVD
Affected:< e20l33_nf1101Fixed in:e20l33_nf1101CVE-2022-29516derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

1.95%probability of exploitation in 30 days
78thpercentile

Elevated risk: more likely to be exploited than 78% of all known CVEs.

References

Vendor Advisory1
Third-Party Advisory1

Related Vulnerabilities

Other CWE-78 (OS Command Injection) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2021-1498Critical9.8100%KEVFix
CVE-2014-6271Critical9.8100%KEVFix
CVE-2019-16920Critical9.8100%KEV-
CVE-2022-44877Critical9.8100%KEVFix
CVE-2020-8515Critical9.8100%KEV-
CVE-2020-9054Critical9.8100%KEVFix
Embed a live status badge for CVE-2022-29516
CVE-2022-29516 severity badge

Markdown

[![CVE-2022-29516](https://tridentstack.com/cve/badge/CVE-2022-29516.svg)](https://tridentstack.com/cve/CVE-2022-29516)

HTML

<a href="https://tridentstack.com/cve/CVE-2022-29516"><img src="https://tridentstack.com/cve/badge/CVE-2022-29516.svg" alt="CVE-2022-29516"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.