From 1a7246655c81e8196059022cd7433f21c7785f46 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 8 Sep 2022 12:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/27xxx/CVE-2022-27593.json | 7 ++-- 2022/30xxx/CVE-2022-30079.json | 71 +++++++++++++++++++++++++++++++--- 2022/40xxx/CVE-2022-40189.json | 18 +++++++++ 3 files changed, 87 insertions(+), 9 deletions(-) create mode 100644 2022/40xxx/CVE-2022-40189.json diff --git a/2022/27xxx/CVE-2022-27593.json b/2022/27xxx/CVE-2022-27593.json index 599a7009a2c..a2a34810a7a 100644 --- a/2022/27xxx/CVE-2022-27593.json +++ b/2022/27xxx/CVE-2022-27593.json @@ -64,7 +64,7 @@ "description_data": [ { "lang": "eng", - "value": "An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files.\nWe have already fixed the vulnerability in the following versions: \nQTS 5.0.1: Photo Station 6.1.2 and later\nQTS 5.0.0/4.5.x: Photo Station 6.0.22 and later\nQTS 4.3.6: Photo Station 5.7.18 and later\nQTS 4.3.3: Photo Station 5.4.15 and later\nQTS 4.2.6: Photo Station 5.2.14 and later" + "value": "An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, This could allow an attacker to modify system files. We have already fixed the vulnerability in the following versions: QTS 5.0.1: Photo Station 6.1.2 and later QTS 5.0.0/4.5.x: Photo Station 6.0.22 and later QTS 4.3.6: Photo Station 5.7.18 and later QTS 4.3.3: Photo Station 5.4.15 and later QTS 4.2.6: Photo Station 5.2.14 and later" } ] }, @@ -102,8 +102,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.qnap.com/en/security-advisory/qsa-22-24" + "refsource": "MISC", + "url": "https://www.qnap.com/en/security-advisory/qsa-22-24", + "name": "https://www.qnap.com/en/security-advisory/qsa-22-24" } ] }, diff --git a/2022/30xxx/CVE-2022-30079.json b/2022/30xxx/CVE-2022-30079.json index 1b099b15029..cdff427ad0d 100644 --- a/2022/30xxx/CVE-2022-30079.json +++ b/2022/30xxx/CVE-2022-30079.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30079", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30079", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Command injection vulnerability was discovered in Netgear R6200 v2 firmware through R6200v2-V1.0.3.12 via binary /sbin/acos_service that could allow remote authenticated attackers the ability to modify values in the vulnerable parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://netgear.com", + "refsource": "MISC", + "name": "http://netgear.com" + }, + { + "url": "https://www.netgear.com/about/security/", + "refsource": "MISC", + "name": "https://www.netgear.com/about/security/" + }, + { + "url": "http://r6200v2.com", + "refsource": "MISC", + "name": "http://r6200v2.com" + }, + { + "refsource": "MISC", + "name": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30079/CVE-2022-30079.md", + "url": "https://github.com/10TG/vulnerabilities/blob/main/Netgear/CVE-2022-30079/CVE-2022-30079.md" } ] } diff --git a/2022/40xxx/CVE-2022-40189.json b/2022/40xxx/CVE-2022-40189.json new file mode 100644 index 00000000000..ff65b35eb71 --- /dev/null +++ b/2022/40xxx/CVE-2022-40189.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-40189", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file