cbcvebase.
CVE-2022-44606
published 2022-12-07

CVE-2022-44606: OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker…

PriorityP258high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
1.47%
70.5th percentile
OS command injection vulnerability in UDR-JA1604/UDR-JA1608/UDR-JA1616 firmware versions 71x10.1.107112.43A and earlier allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter the device settings.

Affected

4 ranges
VendorProductVersion rangeFixed in
unimoudr-ja1604_firmware< 71x10.1.107114.43a71x10.1.107114.43a
unimoudr-ja1608_firmware< 71x10.1.107114.43a71x10.1.107114.43a
unimoudr-ja1616_firmware< 71x10.1.107114.43a71x10.1.107114.43a
unimo_technology_co_ltdudr-ja1604_udr-ja1608_udr-ja1616
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.