CVE-2022-1661
published 2022-06-02CVE-2022-1661: The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files.
PriorityP354high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EPSS
15.06%
96.3th percentile
The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| keysight | n6841a_rf_firmware | < 2.4.0 | 2.4.0 |
| keysight | n6854a_firmware | < 2.4.0 | 2.4.0 |
| keysight | n6854a_geolocation_server_and_n6841a_rf_sensor_software | >= all < 2.3.0 | 2.3.0 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-g7rf-g4j7-7fc4: The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files
ghsa_unreviewed·2022-06-03
CVE-2022-1661 [HIGH] CWE-22 GHSA-g7rf-g4j7-7fc4: The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files
The affected products are vulnerable to directory traversal, which may allow an attacker to obtain arbitrary operating system files.
CISA ICS
Keysight N6854A Geolocation server and N6841A RF Sensor software
cisa_ics·2022-05-27·CVSS 9.8
[CRITICAL] Keysight N6854A Geolocation server and N6841A RF Sensor software
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Keysight N6854A Geolocation server and N6841A RF Sensor software
Last RevisedMay 27, 2022
Alert CodeICSA-22-146-01
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Keysight Technologies, Inc.
- Equipment: N6854A Geolocation server and N6841A RF Sensor software
- Vulnerabilities: Relative Path Traversal, Deserialization of Untrusted Data
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to obtain arbitrary operating system files and execute arbitrary code.
## 3. TECHNICAL DE
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2022-50865 kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
bugzilla·2025-12-30
CVE-2022-50865 [MEDIUM] CVE-2022-50865 kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
CVE-2022-50865 kernel: tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
In the Linux kernel, the following vulnerability has been resolved:
tcp: fix a signed-integer-overflow bug in tcp_add_backlog()
The type of sk_rcvbuf and sk_sndbuf in struct sock is int, and
in tcp_add_backlog(), the variable limit is caculated by adding
sk_rcvbuf, sk_sndbuf and 64 * 1024, it may exceed the max value
of int and overflow. This patch reduces the limit budget by
halving the sndbuf to solve this issue since ACK packets are much
smaller than the payload.
Discussion:
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025123049-CVE-2022-50865-281e@gregkh/T
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2026:1661 https://access.r
Talos
Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
blogs_talos·2023-02-23·CVSS 10.0
CVE-2022-43605 [CRITICAL] Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
Cisco Talos recently discovered three vulnerabilities in EIP Stack Group OpENer, an ethernet/IP stack for I/O adapter devices, that could allow an attacker to cause a targeted server to crash or open the door to remote code execution.
Two of the vulnerabilities, TALOS-2022-1662 (CVE-2022-43605) and TALOS-2022-1661 (CVE-2022-43604) are considered to be considered of critical importance, with a CVSS score of a maximum 10 out of 10.
An adversary could exploit either of these vulnerabilities with an ethernet/IP request targeted at two functions on the software. These malicious requests could lead to an out-of-bounds write, potentially causing the server to crash or allowing the adversary to execute remote code on the targeted server.
TALOS-2022-1663 (CVE-2022-43606) is also caused by a spec
Talos
Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
blogs_talos·2023-02-23·CVSS 10.0
CVE-2022-43605 [CRITICAL] Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
## Vulnerability Spotlight: EIP Stack Group OpENer open to two remote code execution vulnerabilities
Cisco Talos recently discovered three vulnerabilities in EIP Stack Group OpENer, an ethernet/IP stack for I/O adapter devices, that could allow an attacker to cause a targeted server to crash or open the door to remote code execution.
Two of the vulnerabilities, TALOS-2022-1662 (CVE-2022-43605) and TALOS-2022-1661 (CVE-2022-43604) are considered to be considered of critical importance, with a CVSS score of a maximum 10 out of 10.
An adversary could exploit either of these vulnerabilities with an ethernet/IP request targeted at two functions on the software. These malicious requests could lead to an out-of-bounds write, potentially causing the server to crash or allowing the adversary to
2022-06-02
Published