Vulnerability Description
Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary code via a crafted html file.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Seiko-Sol | Skybridge Mb-A100 Firmware | <= 4.2.0 |
| Seiko-Sol | Skybridge Mb-A100 | - |
| Seiko-Sol | Skybridge Mb-A110 Firmware | <= 4.2.0 |
| Seiko-Sol | Skybridge Mb-A110 | - |
Related Weaknesses (CWE)
References
- https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54Broken Link
- https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/ProductVendor Advisory
- https://gist.github.com/Nwqda/88232102fed50b54c43871e88e993b54Broken Link
- https://www.seiko-sol.co.jp/products/skybridge/lineup/mb-a100/ProductVendor Advisory
FAQ
What is CVE-2022-36557?
CVE-2022-36557 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Seiko SkyBridge MB-A100/A110 v4.2.0 and below was discovered to contain an arbitrary file upload vulnerability via the restore backup function. This vulnerability allows attackers to execute arbitrary...
How severe is CVE-2022-36557?
CVE-2022-36557 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2022-36557?
Check the references section above for vendor advisories and patch information. Affected products include: Seiko-Sol Skybridge Mb-A100 Firmware, Seiko-Sol Skybridge Mb-A100, Seiko-Sol Skybridge Mb-A110 Firmware, Seiko-Sol Skybridge Mb-A110.