Strix
26.1K

CVE-2022-45796

HIGHCVSS 7.2/10EPSS 3.23%

Last modified

CVE-2022-45796 is a high-severity vulnerability rated 7.2/10 on the CVSS scale. Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System (Monochrome) 200 or earlier, 211 or earlier, 102 or earlier, 453 or earlier, 400 or earlier, 202 or earlier, 602 or earlier, 500 or earlier, 401 or earlier allows remote attackers to execute arbitrary commands via unspecified vectors.. EPSS estimates a 3.23% chance of exploitation in the next 30 days.

Description

Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System (Monochrome) 200 or earlier, 211 or earlier, 102 or earlier, 453 or earlier, 400 or earlier, 202 or earlier, 602 or earlier, 500 or earlier, 401 or earlier allows remote attackers to execute arbitrary commands via unspecified vectors.

Metrics

CVSS 3.1
7.2/10

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS Probability
3.23%

86.7th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
SharpBp-30c25 FirmwareAll versions
SharpBp-30c25t FirmwareAll versions
SharpBp-30c25y FirmwareAll versions
SharpBp-30c25z FirmwareAll versions
SharpBp-30m28 FirmwareAll versions
SharpBp-30m28t FirmwareAll versions
SharpBp-30m31 FirmwareAll versions
SharpBp-30m31t FirmwareAll versions
SharpBp-30m35 FirmwareAll versions
SharpBp-30m35t FirmwareAll versions
SharpBp-50c26 FirmwareAll versions
SharpBp-50c31 FirmwareAll versions
SharpBp-50c36 FirmwareAll versions
SharpBp-50c45 FirmwareAll versions
SharpBp-50c55 FirmwareAll versions
SharpBp-50c65 FirmwareAll versions
SharpBp-50m26 FirmwareAll versions
SharpBp-50m31 FirmwareAll versions
SharpBp-50m36 FirmwareAll versions
SharpBp-50m45 FirmwareAll versions
SharpBp-50m50 FirmwareAll versions
SharpBp-50m55 FirmwareAll versions
SharpBp-55c26 FirmwareAll versions
SharpBp-60c31 FirmwareAll versions
SharpBp-60c36 FirmwareAll versions
SharpBp-60c45 FirmwareAll versions
SharpBp-70c31 FirmwareAll versions
SharpBp-70c36 FirmwareAll versions
SharpBp-70c45 FirmwareAll versions
SharpBp-70c55 FirmwareAll versions
SharpBp-70c65 FirmwareAll versions
SharpBp-70m31 FirmwareAll versions
SharpBp-70m36 FirmwareAll versions
SharpBp-70m45 FirmwareAll versions
SharpBp-70m55 FirmwareAll versions
SharpBp-70m65 FirmwareAll versions
SharpBp-70m75 FirmwareAll versions
SharpBp-70m90 FirmwareAll versions
SharpMx-2630n FirmwareAll versions
SharpMx-2651 FirmwareAll versions
SharpMx-3050n FirmwareAll versions
SharpMx-3050n A FirmwareAll versions
SharpMx-3050v FirmwareAll versions
SharpMx-3050v A FirmwareAll versions
SharpMx-3051 FirmwareAll versions
SharpMx-3060n FirmwareAll versions
SharpMx-3060v FirmwareAll versions
SharpMx-3061 FirmwareAll versions
SharpMx-3061s FirmwareAll versions
SharpMx-3070n FirmwareAll versions

Showing 50 of 158 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2022-45796?
Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s Digital Full-color Multifunctional System 202 or earlier, 120 or earlier, 600 or earlier, 121 or earlier, 500 or earlier, 402 or earlier, 790 or earlier, and Digital Multifunctional System (Monochrome) 200 or earlier, 211 or earlier, 102 or earlier, 453 or earlier, 400 or earlier, 202 or earlier, 602 or earlier, 500 or earlier, 401 or earlier allows remote attackers to execute arbitrary commands via unspecified vectors.
How severe is CVE-2022-45796?
CVE-2022-45796 has a CVSS score of 7.2/10 (HIGH severity). The EPSS model estimates a 3.23% probability of exploitation in the next 30 days.
How do I fix CVE-2022-45796?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2022-45796?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST