CVE-2022-42785
published 2022-11-15CVE-2022-42785: Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the…
PriorityP263critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.00%
58.5th percentile
Multiple W&T products of the ComServer Series are prone to an authentication bypass. An unathenticated remote attacker, can log in without knowledge of the password by crafting a modified HTTP GET Request.
Affected
34 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wiesemann_theis | at-modem-emulator | >= 1.0 < 1.48 | 1.48 |
| wiesemann_theis | com-server | >= 1.0 < 1.48 | 1.48 |
| wiesemann_theis | com-server_20ma | >= 1.0 < 1.48 | 1.48 |
| wiesemann_theis | com-server_highspeed_100basefx | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_100baselx | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_19_1port | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_19_4port | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_compact | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_industry | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_isolated | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_oem | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_office_1_port | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_office_4_port | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_highspeed_poe | >= 1.0 < 1.76 | 1.76 |
| wiesemann_theis | com-server_lc | >= 1.0 < 1.48 | 1.48 |
| wiesemann_theis | com-server_poe_3_x_isolated | >= 1.0 < 1.48 | 1.48 |
| wiesemann_theis | com-server_ul | >= 1.0 < 1.48 | 1.48 |
| wut | at-modem-emulator_firmware | < 1.48 | 1.48 |
| wut | com-server_+_+_firmware | < 1.48 | 1.48 |
| wut | com-server_20ma_firmware | < 1.48 | 1.48 |
| wut | com-server_highspeed_100basefx_firmware | < 1.76 | 1.76 |
| wut | com-server_highspeed_100baselx_firmware | < 1.76 | 1.76 |
| wut | com-server_highspeed_19_1port_firmware | < 1.76 | 1.76 |
| wut | com-server_highspeed_19_4port_firmware | < 1.76 | 1.76 |
| wut | com-server_highspeed_compact_firmware | < 1.76 | 1.76 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-11-15
Published