← Back

CVE-2022-27632

nvd nist
Published: May 18, 2022Modified: Jun 17, 2026

JSON object

Loading...
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD

Description

Cross-site request forgery (CSRF) vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker to hijack the authentication of an administrator and conduct arbitrary operations by having a user to view a specially crafted page.

Affected (16)

Meikyo
15 products
Watch Boot Nino Rpc M2c Firmware
Watch Boot Light Rpc M5c Firmware
Watch Boot L Zero Rpc M4l Firmware
Watch Boot Mini Rpc M4h Firmware
Watch Boot Nino Rpc M2cs Firmware
Watch Boot Light Rpc M5cs Firmware
Watch Boot L Zero Rpc M4ls Firmware
Signage Rebooter Rpc M4hsi Firmware
Poe Boot Nino Poe8m2 Firmware
Time Boot Mini Rsc Mt4h Firmware
Time Boot Rsc Mt8f Firmware
Time Boot Rsc Mt8fp Firmware
Time Boot Mini Rsc Mt4hs Firmware
Time Boot Rsc Mt8fs Firmware
Pose Se10 8a7b1 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Watch Boot Nino Rpc M2c Firmware
All versions
Running on/withPlatform Versions
Meikyo
Watch Boot Nino Rpc M2c
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Watch Boot Light Rpc M5c Firmware
All versions
Running on/withPlatform Versions
Meikyo
Watch Boot Light Rpc M5c
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Watch Boot L Zero Rpc M4l Firmware
All versions
Running on/withPlatform Versions
Meikyo
Watch Boot L Zero Rpc M4l
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Watch Boot Mini Rpc M4h Firmware
All versions
Running on/withPlatform Versions
Meikyo
Watch Boot Mini Rpc M4h
All versions
Configuration E
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Watch Boot Nino Rpc M2cs Firmware
From 1.00a to 1.00d
Running on/withPlatform Versions
Meikyo
Watch Boot Nino Rpc M2cs
All versions
Configuration F
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Watch Boot Light Rpc M5cs Firmware
From 1.00a to 1.00d
Running on/withPlatform Versions
Meikyo
Watch Boot Light Rpc M5cs
All versions
Configuration G
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Watch Boot L Zero Rpc M4ls Firmware
From 1.00a to 1.20a
Running on/withPlatform Versions
Meikyo
Watch Boot L Zero Rpc M4ls
All versions
Configuration H
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Signage Rebooter Rpc M4hsi Firmware
Version 1.00a
Running on/withPlatform Versions
Meikyo
Signage Rebooter Rpc M4hsi
All versions
Configuration I
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Poe Boot Nino Poe8m2 Firmware
From 1.00a to 1.20a
Running on/withPlatform Versions
Meikyo
Poe Boot Nino Poe8m2
All versions
Configuration J
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Time Boot Mini Rsc Mt4h Firmware
All versions
Running on/withPlatform Versions
Meikyo
Time Boot Mini Rsc Mt4h
All versions
Configuration K
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Time Boot Rsc Mt8f Firmware
All versions
Running on/withPlatform Versions
Meikyo
Time Boot Rsc Mt8f
All versions
Configuration L
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Time Boot Rsc Mt8fp Firmware
All versions
Running on/withPlatform Versions
Meikyo
Time Boot Rsc Mt8fp
All versions
Configuration M
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Time Boot Mini Rsc Mt4hs Firmware
From 1.00a to 1.10a
Running on/withPlatform Versions
Meikyo
Time Boot Mini Rsc Mt4hs
All versions
Configuration N
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Time Boot Rsc Mt8fs Firmware
From 1.00a to 1.00e
Running on/withPlatform Versions
Meikyo
Time Boot Rsc Mt8fs
All versions
Configuration O
2 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Meikyo
Pose Se10 8a7b1 Firmware
From 1.00a to 1.20a
Pose Se10 8a7b1 Firmware
All versions
Running on/withPlatform Versions
Meikyo
Pose Se10 8a7b1
All versions

Related CWEs

CWE-352
Cross-Site Request Forgery (CSRF)
The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (4)

Source: vultures@jpcert.or.jp
Third Party Advisory
Source: vultures@jpcert.or.jp
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.