CVE-2022-4257
published 2022-12-01CVE-2022-4257: A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file…
PriorityP184critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
ITWVulnCheck KEV
Exploited in the wild
EPSS
43.93%
98.6th percentile
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214631.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| c-data | web_management_system | — | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vulncheck6.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-jvx4-vmw6-g8xc: A vulnerability was found in C-DATA Web Management System
ghsa_unreviewed·2022-12-01
CVE-2022-4257 [CRITICAL] CWE-707 GHSA-jvx4-vmw6-g8xc: A vulnerability was found in C-DATA Web Management System
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214631.
VulnCheck
cdatatec c-data_web_management_system Improper Neutralization
vulncheck·2022·CVSS 6.3
CVE-2022-4257 [MEDIUM] cdatatec c-data_web_management_system Improper Neutralization
cdatatec c-data_web_management_system Improper Neutralization
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This issue affects some unknown processing of the file cgi-bin/jumpto.php of the component GET Parameter Handler. The manipulation of the argument hostname leads to argument injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-214631.
Affected: cdatatec c-data_web_management_system
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://unit42.paloaltonetworks.com/mirai-variant-v3g4/; https://da
No detection rules found.
No public exploits indexed.
Unit42
Mirai Variant V3G4 Targets IoT Devices
blogs_unit42·2023-02-15·CVSS 7.5
[HIGH] Mirai Variant V3G4 Targets IoT Devices
## Content Warning
We are providing a content warning because the following contains usage of a racial slur by a threat actor, which is not condoned in any instance by Unit 42. Unit 42 has partially redacted the racial slur to provide researchers with the ability to identify it and check IoCs as needed.
## Executive Summary
From July to December 2022, Unit 42 researchers observed a Mirai variant called V3G4, which was leveraging several vulnerabilities to spread itself. The vulnerabilities exploited include the following:
- CVE-2012-4869: FreePBX Elastix Remote Command Execution Vulnerability
- Gitorious Remote Command Execution Vulnerability
- CVE-2014-9727: FRITZ!Box Webcam Remote Command Execution Vulnerability
- Mitel AWC Remote Command Execution Vulnerability
- CVE-2017-5173: Geut
Unit42
Mirai Variant V3G4 Targets IoT Devices
blogs_unit42·2023-02-15·CVSS 7.5
[HIGH] Mirai Variant V3G4 Targets IoT Devices
Threat Research Center
Threat Research
Vulnerabilities
## Mirai Variant V3G4 Targets IoT Devices
Chao Lei
Zhibin Zhang
Cecilia Hu
Aveek Das
Published: February 15, 2023
Threat Research
Vulnerabilities
Botnet
IoT Vulnerability
Mirai variant
V3G4
## Content Warning
We are providing a content warning because the following contains usage of a racial slur by a threat actor, which is not condoned in any instance by Unit 42. Unit 42 has partially redacted the racial slur to provide researchers with the ability to identify it and check IoCs as needed.
## Executive Summary
From July to December 2022, Unit 42 researchers observed a Mirai variant called V3G4, which was leveraging several vulnerabilities to spread itself. The vulnerabilities exploited include the following:
CV
2022-12-01
Published
Exploited in the wild