CVE-2022-27632
8.8
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 2.8 / Impact: 5.9
Source: NVD
Description
Cross-site request forgery (CSRF) vulnerability in Rebooter(WATCH BOOT nino RPC-M2C [End of Sale] all firmware versions, WATCH BOOT light RPC-M5C [End of Sale] all firmware versions, WATCH BOOT L-zero RPC-M4L [End of Sale] all firmware versions, WATCH BOOT mini RPC-M4H [End of Sale] all firmware versions, WATCH BOOT nino RPC-M2CS firmware version 1.00A to 1.00D, WATCH BOOT light RPC-M5CS firmware version 1.00A to 1.00D, WATCH BOOT L-zero RPC-M4LS firmware version 1.00A to 1.20A, and Signage Rebooter RPC-M4HSi firmware version 1.00A), PoE Rebooter(PoE BOOT nino PoE8M2 firmware version 1.00A to 1.20A), Scheduler(TIME BOOT mini RSC-MT4H [End of Sale] all firmware versions, TIME BOOT RSC-MT8F [End of Sale] all firmware versions, TIME BOOT RSC-MT8FP [End of Sale] all firmware versions, TIME BOOT mini RSC-MT4HS firmware version 1.00A to 1.10A, and TIME BOOT RSC-MT8FS firmware version 1.00A to 1.00E), and Contact Converter(POSE SE10-8A7B1 firmware version 1.00A to 1.20A) allows a remote attacker to hijack the authentication of an administrator and conduct arbitrary operations by having a user to view a specially crafted page.
Affected (16)
Products: Meikyo: Watch Boot Nino Rpc M2c Firmware, Watch Boot Light Rpc M5c Firmware, Watch Boot L Zero Rpc M4l Firmware, Watch Boot Mini Rpc M4h Firmware, Watch Boot Nino Rpc M2cs Firmware, Watch Boot Light Rpc M5cs Firmware, Watch Boot L Zero Rpc M4ls Firmware, Signage Rebooter Rpc M4hsi Firmware, Poe Boot Nino Poe8m2 Firmware, Time Boot Mini Rsc Mt4h Firmware, Time Boot Rsc Mt8f Firmware, Time Boot Rsc Mt8fp Firmware, Time Boot Mini Rsc Mt4hs Firmware, Time Boot Rsc Mt8fs Firmware, Pose Se10 8a7b1 Firmware
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Meikyo Watch Boot Nino Rpc M2c | All versions |
Configuration B
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Meikyo Watch Boot Light Rpc M5c | All versions |
Configuration C
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Meikyo Watch Boot L Zero Rpc M4l | All versions |
Configuration D
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Meikyo Watch Boot Mini Rpc M4h | All versions |
Configuration E
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.00a to 1.00d |
| Running on/with | Platform Versions |
|---|---|
Meikyo Watch Boot Nino Rpc M2cs | All versions |
Configuration F
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.00a to 1.00d |
| Running on/with | Platform Versions |
|---|---|
Meikyo Watch Boot Light Rpc M5cs | All versions |
Configuration G
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.00a to 1.20a |
| Running on/with | Platform Versions |
|---|---|
Meikyo Watch Boot L Zero Rpc M4ls | All versions |
Configuration H
| Vulnerable Software | Affected Versions |
|---|---|
| Version 1.00a |
| Running on/with | Platform Versions |
|---|---|
Meikyo Signage Rebooter Rpc M4hsi | All versions |
Configuration I
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.00a to 1.20a |
| Running on/with | Platform Versions |
|---|---|
Meikyo Poe Boot Nino Poe8m2 | All versions |
Configuration J
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Meikyo Time Boot Mini Rsc Mt4h | All versions |
Configuration K
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Meikyo Time Boot Rsc Mt8f | All versions |
Configuration L
| Vulnerable Software | Affected Versions |
|---|---|
| All versions |
| Running on/with | Platform Versions |
|---|---|
Meikyo Time Boot Rsc Mt8fp | All versions |
Configuration M
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.00a to 1.10a |
| Running on/with | Platform Versions |
|---|---|
Meikyo Time Boot Mini Rsc Mt4hs | All versions |
Configuration N
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.00a to 1.00e |
| Running on/with | Platform Versions |
|---|---|
Meikyo Time Boot Rsc Mt8fs | All versions |
Configuration O
| Vulnerable Software | Affected Versions |
|---|---|
| From 1.00a to 1.20a |
| Running on/with | Platform Versions |
|---|---|
Meikyo Pose Se10 8a7b1 | All versions |
References (4)
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Timeline
No history available yet.