CVE-2022-35733

Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:unimo:udr-ja1004_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:unimo:udr-ja1004:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:unimo:udr-ja1008_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:unimo:udr-ja1008:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:unimo:udr-ja1016_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:unimo:udr-ja1016:-:*:*:*:*:*:*:*

Information

Published : 2022-08-22 19:15

Updated : 2022-08-26 06:17


NVD link : CVE-2022-35733

Mitre link : CVE-2022-35733


JSON object : View

CWE
CWE-306

Missing Authentication for Critical Function

Advertisement

dedicated server usa

Products Affected

unimo

  • udr-ja1004_firmware
  • udr-ja1008
  • udr-ja1016
  • udr-ja1008_firmware
  • udr-ja1016_firmware
  • udr-ja1004