CVE-2022-35733
N/A
N/A
Summary
Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| UNIMO Technology Co., Ltd | UNIMO Technology digital video recorders UDR-JA1004/JA1008/JA1016 and UDR-JA1016 | UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier | affected |
Weaknesses
- Missing Authentication for Critical Function
ADP Enrichment
CVE Program Container
Additional References
- http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1643590226-637355
- https://jvn.jp/en/vu/JVNVU90821877/index.html
References
- http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1643590226-637355
- https://jvn.jp/en/vu/JVNVU90821877/index.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.