1. Home
  2. CVE Database
  3. CVE-2022-40785
HIGH · 8.8

CVE-2022-40785

Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware wh...

Vulnerability Description

Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
HIGH
Integrity
HIGH
Availability
HIGH

Affected Products

VendorProductVersions
MipcmMipc Camera Firmware5.3.1.2003161406
MipcmMipc Camera-

Related Weaknesses (CWE)

CWE-78

References

FAQ

What is CVE-2022-40785?

CVE-2022-40785 is a vulnerability with a CVSS score of 8.8 (HIGH). Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware wh...

How severe is CVE-2022-40785?

CVE-2022-40785 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2022-40785?

Check the references section above for vendor advisories and patch information. Affected products include: Mipcm Mipc Camera Firmware, Mipcm Mipc Camera.