CVE-2022-43553 - Vulnerability Details - OpenCVE

A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Ui	Edgemax Edgerouter Edgemax Edgerouter Firmware

Configuration 1 [-]

AND

OR	cpe:2.3:o:ui:edgemax_edgerouter_firmware::::::::
	cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:-::::::
	cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix1::::::
	cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix2::::::
	cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix4::::::

cpe:2.3:h:ui:edgemax_edgerouter:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d

History

Thu, 24 Apr 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2022-12-05T00:00:00.000Z

Updated: 2025-04-24T14:00:28.595Z

Reserved: 2022-10-20T00:00:00.000Z

Link: CVE-2022-43553

Vulnrichment

Updated: 2024-08-03T13:32:59.531Z

NVD

Status : Modified

Published: 2022-12-05T22:15:11.037

Modified: 2025-04-24T14:15:38.510

Link: CVE-2022-43553

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-43553", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "assignerShortName": "hackerone", "dateUpdated": "2025-04-24T14:00:28.595Z", "dateReserved": "2022-10-20T00:00:00.000Z", "datePublished": "2022-12-05T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2022-12-05T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later."}], "affected": [{"vendor": "n/a", "product": "EdgeMAX EdgeRouter", "versions": [{"version": "Fixed Version: 2.0.9-hotfix.5 or later.", "status": "affected"}]}], "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "Execution with Unnecessary Privileges (CWE-250)", "cweId": "CWE-250"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:59.531Z"}, "title": "CVE Program Container", "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d", "tags": ["x_transferred"]}]}, {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-04-24T14:00:07.894561Z", "id": "CVE-2022-43553", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-24T14:00:28.595Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T13:32:59.531Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2022-43553", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-04-24T14:00:07.894561Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-24T14:00:23.415Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "EdgeMAX EdgeRouter", "versions": [{"status": "affected", "version": "Fixed Version: 2.0.9-hotfix.5 or later."}]}], "references": [{"url": "https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d"}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-250", "description": "Execution with Unnecessary Privileges (CWE-250)"}]}], "providerMetadata": {"orgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "shortName": "hackerone", "dateUpdated": "2022-12-05T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-43553", "state": "PUBLISHED", "dateUpdated": "2025-04-24T14:00:28.595Z", "dateReserved": "2022-10-20T00:00:00.000Z", "assignerOrgId": "36234546-b8fa-4601-9d6f-f4e334aa8ea1", "datePublished": "2022-12-05T00:00:00.000Z", "assignerShortName": "hackerone"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:ui:edgemax_edgerouter_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "1D3FE42C-7A01-420B-BD79-60992B4DC90F", "versionEndExcluding": "2.0.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:-:*:*:*:*:*:*", "matchCriteriaId": "DD084B6E-95B1-43EC-B44D-067F84857006", "vulnerable": true}, {"criteria": "cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix1:*:*:*:*:*:*", "matchCriteriaId": "C0CE2156-E44D-4137-B823-E29E9B504090", "vulnerable": true}, {"criteria": "cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix2:*:*:*:*:*:*", "matchCriteriaId": "D674905D-1E0B-428D-826A-CB75E5E0313C", "vulnerable": true}, {"criteria": "cpe:2.3:o:ui:edgemax_edgerouter_firmware:2.0.9:hotfix4:*:*:*:*:*:*", "matchCriteriaId": "ACD593F1-F9C4-40F1-AE07-82015E69429F", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:ui:edgemax_edgerouter:-:*:*:*:*:*:*:*", "matchCriteriaId": "A1F14C34-7687-425C-AF1A-EF3B97E1B65B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later."}, {"lang": "es", "value": "Una vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en EdgeRouters (Versi\u00f3n 2.0.9-hotfix.4 y anteriores) permite que un actor malicioso con una cuenta de operador ejecute comandos de administrador arbitrarios. Esta vulnerabilidad se solucion\u00f3 en la Versi\u00f3n 2.0.9-hotfix.5 y posteriores."}], "id": "CVE-2022-43553", "lastModified": "2025-04-24T14:15:38.510", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2022-12-05T22:15:11.037", "references": [{"source": "support@hackerone.com", "tags": ["Vendor Advisory"], "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d"}], "sourceIdentifier": "support@hackerone.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-250"}], "source": "support@hackerone.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}