Skip to main content

Mbd6304T CVE-2022-45045

HIGH
OS Command Injection (CWE-78)
2022-12-01 cve@mitre.org
Command Injection Mbd6304T Nbd6808T Pl Nbd7004T P Nbd7008T P Nbd7016T F V2 Nbd7024H P Nbd7024T P Nbd7804R F Ep Nbd7804R F Hdmi Nbd7804R Fw Nbd7804T Pl Nbd7808R Pl Ep Nbd7808R Pl Hdmi Nbd7808T Pl Nbd7904R Fs Nbd7904T P Nbd7904T Pl Nbd7904T Pl Xpoe Nbd7904T Plc Xpoe Nbd7904T Q Nbd7908T Q Nbd8004R Pl Ep Nbd8004R Yl Ep Nbd8004T Q Nbd8008R Pl Nbd8008R Pl Ep Nbd8008R Yl Ep Nbd8008Ra Gl Nbd8008Ra Glk Nbd8008Ra Ul Ep Nbd8008Ra Ula Nbd8008Ra Ulk Nbd8008T Q Nbd8009S Ula V2 Nbd8010S Kl V2 Nbd8016R Ul Nbd8016Ra K Ep Nbd8016Ra Ul Nbd8016Ra Ul Ep Nbd8016Ra Ula Nbd8016Ra Ulk Nbd8016S Kl V2 Nbd8016S Ula V2 Nbd8016T Q V2 Nbd8025R Ul Nbd8032H4 P Nbd8032H4 Q Nbd8032H4 Qe Nbd8032H4 Ul Nbd8032H8 P Nbd8032H8 Qe Nbd8032Ra Ul V2 Nbd8064H8 P Nbd80N16Ra Kl Nbd80N16Ra Kl Ep Nbd80S08S Kl Ep Nbd80S10S Kl Nbd80S16S Kl Nbd80S16S Kl Ep Nbd80X09Ra Kl Nbd80X09S Kl Nbd88X09S Kl Nbd8904R Pl Nbd8904R Yl Nbd8904T Gsc Xpoe Nbd8904T Q Nbd8908R Pl Nbd8908R Yl Nbd8908T Pl Xpoe Nbd8908T Plc Xpoe Nbd8916F4 Q Nbd8916F8 Q Mbd6304T Firmware Nbd6808T Pl Firmware Nbd7004T P Firmware Nbd7008T P Firmware Nbd7016T F V2 Firmware Nbd7024H P Firmware Nbd7024T P Firmware Nbd7804R F Ep Firmware Nbd7804R F Hdmi Firmware Nbd7804R Fw Firmware Nbd7804T Pl Firmware Nbd7808R Pl Ep Firmware Nbd7808R Pl Hdmi Firmware Nbd7808T Pl Firmware Nbd7904R Fs Firmware Nbd7904T P Firmware Nbd7904T Pl Firmware Nbd7904T Pl Xpoe Firmware Nbd7904T Plc Xpoe Firmware Nbd7904T Q Firmware Nbd7908T Q Firmware Nbd8004R Pl Ep Firmware Nbd8004R Yl Ep Firmware Nbd8004T Q Firmware Nbd8008R Pl Firmware Nbd8008R Pl Ep Firmware Nbd8008R Yl Ep Firmware Nbd8008Ra Gl Firmware Nbd8008Ra Glk Firmware Nbd8008Ra Ul Ep Firmware Nbd8008Ra Ula Firmware Nbd8008Ra Ulk Firmware Nbd8008T Q Firmware Nbd8009S Ula V2 Firmware Nbd8010S Kl V2 Firmware Nbd8016R Ul Firmware Nbd8016Ra K Ep Firmware Nbd8016Ra Ul Firmware Nbd8016Ra Ul Ep Firmware Nbd8016Ra Ula Firmware Nbd8016Ra Ulk Firmware Nbd8016S Kl V2 Firmware Nbd8016S Ula V2 Firmware Nbd8016T Q V2 Firmware Nbd8025R Ul Firmware Nbd8032H4 P Firmware Nbd8032H4 Q Firmware Nbd8032H4 Qe Firmware Nbd8032H4 Ul Firmware Nbd8032H8 P Firmware Nbd8032H8 Qe Firmware Nbd8032Ra Ul V2 Firmware Nbd8064H8 P Firmware Nbd80N16Ra Kl Firmware Nbd80N16Ra Kl Ep Firmware Nbd80S08S Kl Ep Firmware Nbd80S10S Kl Firmware Nbd80S16S Kl Firmware Nbd80S16S Kl Ep Firmware Nbd80X09Ra Kl Firmware Nbd80X09S Kl Firmware Nbd88X09S Kl Firmware Nbd8904R Pl Firmware Nbd8904R Yl Firmware Nbd8904T Gsc Xpoe Firmware Nbd8904T Q Firmware Nbd8908R Pl Firmware Nbd8908R Yl Firmware Nbd8908T Pl Xpoe Firmware Nbd8908T Plc Xpoe Firmware Nbd8916F4 Q Firmware Nbd8916F8 Q Firmware
8.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
8.8 HIGH
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

1
CVE Published
Dec 01, 2022 - 05:15 nvd
HIGH 8.8

DescriptionNVD

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.

AnalysisAI

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as OS Command Injection (CWE-78), which allows attackers to execute arbitrary operating system commands on the host. Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd. Affected products include: Xiongmaitech Mbd6304T, Xiongmaitech Nbd6808T-Pl, Xiongmaitech Nbd7004T-P, Xiongmaitech Nbd7008T-P, Xiongmaitech Nbd7016T-F-V2.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Avoid passing user input to shell commands. Use language-specific APIs instead of shell execution. Apply strict input validation with allowlists.

Share

CVE-2022-45045 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy