CVE-2022-0365
published 2022-02-04


Priority: P264
Severity: critical, 9.8 (CVSS 3.1), vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.18% (80.1th percentile)
The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user.

Affected

4 ranges

Vendor   Product                       Version range   Fixed in
ricon    industrial_cellular_router    -               -
ricon    industrial_cellular_router    -               -
ricon    mobiles9922l_firmware         -               -
ricon    mobiles9922xl_firmware        -               -

Detection & IOCs (extracted from sources)

  • Vulnerability is an authenticated OS command injection (CWE-78) on Ricon Mobile Industrial Cellular Router, allowing arbitrary shell command execution as root/Admin user — monitor for unexpected shell process spawning from the router's web management process.
  • Public exploits are available for this vulnerability — prioritize detection and network isolation of affected Ricon S9922XL and S9922L devices running firmware version 16.10.3.
  • Exploitation requires no privileges and no user interaction (CVSS vector AV:N/AC:L/PR:N/UI:N), meaning unauthenticated network access to the management interface is sufficient to trigger the injection — block external access to the device's management interface.
  • Only Ricon Mobile Industrial Cellular Router models S9922XL and S9922L running firmware version 16.10.3 are confirmed affected.
  • Ricon Mobile has not responded to CISA mitigation requests — no vendor patch is confirmed available; users should contact Ricon Mobile support directly.

CVSS provenance

Source   Version   Score   Severity   Vector
nvd      v3.1      9.8     CRITICAL   CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd      v2.0      10.0    CRITICAL   AV:N/AC:L/Au:N/C:C/I:C/A:C