CVE-2022-32665
published 2023-01-03CVE-2022-32665: In Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution…
PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.52%
71.5th percentile
In Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20220026; Issue ID: OSBNB00144124.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mediatek | linkit_software_development_kit | < tlb7.3.258.100-p1-1555 | tlb7.3.258.100-p1-1555 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
MediaTek EN7528/EN7580 Boa command injection (EUVD-2022-35731)
vuldb·2026-06-01·CVSS 9.8
CVE-2022-32665 [CRITICAL] MediaTek EN7528/EN7580 Boa command injection (EUVD-2022-35731)
A vulnerability was found in MediaTek EN7528 and EN7580 and classified as critical. The impacted element is an unknown function of the component Boa. Executing a manipulation can lead to command injection.
This vulnerability is tracked as CVE-2022-32665. The attack can be launched remotely. No exploit exists.
Applying a patch is advised to resolve this issue.
GHSA
GHSA-pj6m-6h37-qw44: In Boa, there is a possible command injection due to improper input validation
ghsa_unreviewed·2023-01-03
CVE-2022-32665 [CRITICAL] CWE-77 GHSA-pj6m-6h37-qw44: In Boa, there is a possible command injection due to improper input validation
In Boa, there is a possible command injection due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: A20220026; Issue ID: OSBNB00144124.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-01-03
Published