CVE-2022-0365
Published 2022-02-04
Priority: P264, critical, 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 2.18% (80.1th percentile)
The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user.
Affected (4 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ricon | industrial_cellular_router | — | — |
| ricon | industrial_cellular_router | — | — |
| riconmobile | s9922l_firmware | — | — |
| riconmobile | s9922xl_firmware | — | — |
Detection & IOCs
- Vulnerability is an authenticated OS command injection (CWE-78) on Ricon Mobile Industrial Cellular Router, allowing arbitrary shell command execution as root/Admin user. Monitor for unexpected shell process spawning from the router's web management process.
- Public exploits are available for this vulnerability. Prioritize detection and network isolation of affected Ricon S9922XL and S9922L devices running firmware version 16.10.3.
- Per the CVSS vector (AV:N/AC:L/PR:N/UI:N), exploitation requires no privileges and no user interaction, meaning unauthenticated network access to the management interface is sufficient to trigger the injection. Block external access to the device's management interface.
- Only Ricon Mobile Industrial Cellular Router models S9922XL and S9922L running firmware version 16.10.3 are confirmed affected.
- Ricon Mobile has not responded to CISA mitigation requests, and no vendor patch is confirmed available; users should contact Ricon Mobile support directly.
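CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 10.0 | CRITICAL | AV:N/AC:L/Au:N/C:C/I:C/A:C |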
CISA ICS
Ricon Mobile Industrial Cellular Router
cisa_ics · 2022-02-01 · CVSS 9.1
[CRITICAL] Ricon Mobile Industrial Cellular Router
ICS Advisory
## Ricon Mobile Industrial Cellular Router
Last Revised: February 01, 2022
Alert Code: ICSA-22-032-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.1
- ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
- Vendor: Ricon Mobile, Inc.
- Equipment: Industrial Cellular Router
- Vulnerability: OS Command Injection
## 2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to inject and execute arbitrary shell commands as an Admin user.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Ricon Industrial C
GHSA
GHSA-3qj2-6fgh-7xm2: The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell command
ghsa_unreviewed · 2022-02-10
CVE-2022-0365 [CRITICAL] CWE-78 GHSA-3qj2-6fgh-7xm2: The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell command
The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.