Versio.io

CVE-2022-27632

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 18-05-2022 05:15
Last modified: - 02-06-2022 05:07
Total changes: - 2

Description

Cross-site request forgery (CSRF) vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker to hijack the authentication of an administrator and conduct arbitrary operations by having a user to view a specially crafted page.

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
Required
User interaction
8.8
Base score
2.8
5.9
Exploitability score
Impact score
 

Verification logic

OR
AND
OR
vendor=meikyo AND product=watch_boot_nino_rpc-m2c_firmware AND version=-
OR
vendor=meikyo AND product=watch_boot_nino_rpc-m2c AND version=-
AND
OR
vendor=meikyo AND product=watch_boot_light_rpc-m5c_firmware AND version=-
OR
vendor=meikyo AND product=watch_boot_light_rpc-m5c AND version=-
AND
OR
vendor=meikyo AND product=watch_boot_l-zero_rpc-m4l_firmware AND version=-
OR
vendor=meikyo AND product=watch_boot_l-zero_rpc-m4l AND version=-
AND
OR
vendor=meikyo AND product=watch_boot_mini_rpc-m4h_firmware AND version=-
OR
vendor=meikyo AND product=watch_boot_mini_rpc-m4h AND version=-
AND
OR
vendor=meikyo AND product=watch_boot_nino_rpc-m2cs_firmware AND versionEndIncluding=1.00d AND versionStartIncluding=1.00a
OR
vendor=meikyo AND product=watch_boot_nino_rpc-m2cs AND version=-
AND
OR
vendor=meikyo AND product=watch_boot_light_rpc-m5cs_firmware AND versionEndIncluding=1.00d AND versionStartIncluding=1.00a
OR
vendor=meikyo AND product=watch_boot_light_rpc-m5cs AND version=-
AND
OR
vendor=meikyo AND product=watch_boot_l-zero_rpc-m4ls_firmware AND versionEndIncluding=1.20a AND versionStartIncluding=1.00a
OR
vendor=meikyo AND product=watch_boot_l-zero_rpc-m4ls AND version=-
AND
OR
vendor=meikyo AND product=signage_rebooter_rpc-m4hsi_firmware AND version=1.00a
OR
vendor=meikyo AND product=signage_rebooter_rpc-m4hsi AND version=-
AND
OR
vendor=meikyo AND product=poe_boot_nino_poe8m2_firmware AND versionEndIncluding=1.20a AND versionStartIncluding=1.00a
OR
vendor=meikyo AND product=poe_boot_nino_poe8m2 AND version=-
AND
OR
vendor=meikyo AND product=time_boot_mini_rsc-mt4h_firmware AND version=-
OR
vendor=meikyo AND product=time_boot_mini_rsc-mt4h AND version=-
AND
OR
vendor=meikyo AND product=time_boot_rsc-mt8f_firmware AND version=-
OR
vendor=meikyo AND product=time_boot_rsc-mt8f AND version=-
AND
OR
vendor=meikyo AND product=time_boot_rsc-mt8fp_firmware AND version=-
OR
vendor=meikyo AND product=time_boot_rsc-mt8fp AND version=-
AND
OR
vendor=meikyo AND product=time_boot_mini_rsc-mt4hs_firmware AND versionEndIncluding=1.10a AND versionStartIncluding=1.00a
OR
vendor=meikyo AND product=time_boot_mini_rsc-mt4hs AND version=-
AND
OR
vendor=meikyo AND product=time_boot_rsc-mt8fs_firmware AND versionEndIncluding=1.00e AND versionStartIncluding=1.00a
OR
vendor=meikyo AND product=time_boot_rsc-mt8fs AND version=-
AND
OR
vendor=meikyo AND product=pose_se10-8a7b1_firmware AND version=-
vendor=meikyo AND product=pose_se10-8a7b1_firmware AND versionEndIncluding=1.20a AND versionStartIncluding=1.00a
OR
vendor=meikyo AND product=pose_se10-8a7b1 AND version=-
 

Reference

 


Keywords

NVD

 

CVE-2022-27632

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.