CVE-2022-45045

Published: Dec 1, 2022Modified: Apr 24, 2025

8.8

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 2.8 / Impact: 5.9

Source: NVD

Description

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.

Affected (109)

109 products

Nbd7016t F V2 Firmware

Nbd7024h P Firmware

Nbd7024t P Firmware

Nbd7804r F(ep) Firmware

Nbd7804r F(hdmi) Firmware

Nbd7804r Fw Firmware

Nbd7804t Pl Firmware

Nbd7808r Pl(ep) Firmware

Nbd7808r Pl(hdmi) Firmware

Nbd7904t Pl Xpoe Firmware

Nbd7904t Plc Xpoe Firmware

Nbd7904t Q Firmware

Nbd7908t Q Firmware

Nbd8004r Pl(ep) Firmware

Nbd8004r Yl(ep) Firmware

Nbd8004t Q Firmware

Nbd8008r Pl Firmware

Nbd8008r Pl(ep) Firmware

Nbd8008r Yl(ep) Firmware

Nbd8008ra Gl Firmware

Nbd8008ra Glk Firmware

Nbd8008ra Ul(ep) Firmware

Nbd8008ra Ula Firmware

Nbd8008ra Ulk Firmware

Nbd8008t Q Firmware

Nbd8009s Ula V2 Firmware

Nbd8010s Kl V2 Firmware

Nbd8016r Ul Firmware

Nbd8016ra K(ep) Firmware

Nbd8016ra Ul Firmware

Nbd8016ra Ul(ep) Firmware

Nbd8016ra Ula Firmware

Nbd8016ra Ulk Firmware

Nbd8016s Kl V2 Firmware

Nbd8016s Ula V2 Firmware

Nbd8016t Q V2 Firmware

Nbd8025r Ul Firmware

Nbd8032h4 P Firmware

Nbd8032h4 Q Firmware

Nbd8032h4 Qe Firmware

Nbd8032h4 Ul Firmware

Nbd8032h8 P Firmware

Nbd8032h8 Qe Firmware

Nbd8032ra Ul V2 Firmware

Nbd8064h8 P Firmware

Nbd80n16ra Kl Firmware

Nbd80n16ra Kl(ep) Firmware

Nbd80s08s Kl(ep) Firmware

Nbd80s10s Kl Firmware

Nbd80s16s Kl Firmware

Nbd80s16s Kl(ep) Firmware

Nbd80x09ra Kl Firmware

Nbd80x09s Kl Firmware

Nbd88x09s Kl Firmware

Nbd8904r Pl Firmware

Nbd8904r Yl Firmware

Nbd8904t Gsc Xpoe Firmware

Nbd8904t Q Firmware

Nbd8908r Pl Firmware

Nbd8908r Yl Firmware

Nbd8908t Pl Xpoe Firmware

Nbd8908t Plc Xpoe Firmware

Nbd8916f4 Q Firmware

Nbd8916f8 Q Firmware

Configuration A

37 vulnerable

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7004t P	All versions
Xiongmaitech Nbd7008t P	All versions
Xiongmaitech Nbd7016t F V2	All versions
Xiongmaitech Nbd7024h P	All versions
Xiongmaitech Nbd7024t P	All versions
Xiongmaitech Nbd7804r F(ep)	All versions
Xiongmaitech Nbd7804r F(hdmi)	All versions
Xiongmaitech Nbd7804r Fw	All versions
Xiongmaitech Nbd7804t Pl	All versions
Xiongmaitech Nbd7808r Pl(ep)	All versions
Xiongmaitech Nbd7808r Pl(hdmi)	All versions
Xiongmaitech Nbd7808t Pl	All versions
Xiongmaitech Nbd7904r Fs	All versions
Xiongmaitech Nbd7904t P	All versions
Xiongmaitech Nbd7904t Pl	All versions
Xiongmaitech Nbd7904t Q	All versions
Xiongmaitech Nbd7908t Q	All versions
Xiongmaitech Nbd8004r Pl(ep)	All versions
Xiongmaitech Nbd8004t Q	All versions
Xiongmaitech Nbd8008r Pl	All versions
Xiongmaitech Nbd8008r Pl(ep)	All versions
Xiongmaitech Nbd8008t Q	All versions
Xiongmaitech Nbd8016r Ul	All versions
Xiongmaitech Nbd8016t Q V2	All versions
Xiongmaitech Nbd8025r Ul	All versions
Xiongmaitech Nbd8032h4 P	All versions
Xiongmaitech Nbd8032h4 Q	All versions
Xiongmaitech Nbd8032h4 Qe	All versions
Xiongmaitech Nbd8032h8 P	All versions
Xiongmaitech Nbd8032h8 Qe	All versions
Xiongmaitech Nbd8064h8 P	All versions
Xiongmaitech Nbd8904r Pl	All versions
Xiongmaitech Nbd8904t Q	All versions
Xiongmaitech Nbd8908r Pl	All versions
Xiongmaitech Nbd8908r Yl	All versions
Xiongmaitech Nbd8916f4 Q	All versions
Xiongmaitech Nbd8916f8 Q	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Mbd6304t Firmware	Version 4.02.r11.00000117.10001.131900.00000

Running on/with	Platform Versions
Xiongmaitech Mbd6304t	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd6808t Pl Firmware	Version 4.02.r11.c7431119.12001.130000.00000

Running on/with	Platform Versions
Xiongmaitech Nbd6808t Pl	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7004t P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7004t P	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7008t P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7008t P	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7016t F V2 Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7016t F V2	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7024h P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7024h P	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7024t P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7024t P	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7804r F(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7804r F(ep)	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7804r F(hdmi) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7804r F(hdmi)	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7804r Fw Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7804r Fw	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7804t Pl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7804t Pl	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7808r Pl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7808r Pl(ep)	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7808r Pl(hdmi) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7808r Pl(hdmi)	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7808t Pl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7808t Pl	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7904r Fs Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7904r Fs	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7904t P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7904t P	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7904t Pl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7904t Pl	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7904t Pl Xpoe Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7904t Pl Xpoe	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7904t Plc Xpoe Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7904t Plc Xpoe	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7904t Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7904t Q	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd7908t Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd7908t Q	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8004r Pl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8004r Pl(ep)	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8004r Yl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8004r Yl(ep)	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8004t Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8004t Q	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008r Pl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008r Pl	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008r Pl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008r Pl(ep)	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008r Yl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008r Yl(ep)	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008ra Gl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008ra Gl	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008ra Glk Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008ra Glk	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008ra Ul(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008ra Ul(ep)	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008ra Ula Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008ra Ula	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008ra Ulk Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008ra Ulk	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8008t Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8008t Q	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8009s Ula V2 Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8009s Ula V2	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8010s Kl V2 Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8010s Kl V2	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016r Ul Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016r Ul	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016ra K(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016ra K(ep)	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016ra Ul Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016ra Ul	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016ra Ul(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016ra Ul(ep)	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016ra Ula Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016ra Ula	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016ra Ulk Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016ra Ulk	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016s Kl V2 Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016s Kl V2	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016s Ula V2 Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016s Ula V2	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8016t Q V2 Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8016t Q V2	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8025r Ul Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8025r Ul	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8032h4 P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8032h4 P	All versions

Configuration V

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8032h4 Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8032h4 Q	All versions

Configuration W

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8032h4 Qe Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8032h4 Qe	All versions

Configuration X

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8032h4 Ul Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8032h4 Ul	All versions

Configuration Y

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8032h8 P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8032h8 P	All versions

Configuration Z

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8032h8 Qe Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8032h8 Qe	All versions

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8032ra Ul V2 Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8032ra Ul V2	All versions

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8064h8 P Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8064h8 P	All versions

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80n16ra Kl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80n16ra Kl	All versions

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80n16ra Kl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80n16ra Kl(ep)	All versions

Configuration E

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80s08s Kl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80s08s Kl(ep)	All versions

Configuration F

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80s10s Kl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80s10s Kl	All versions

Configuration G

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80s16s Kl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80s16s Kl	All versions

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80s16s Kl(ep) Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80s16s Kl(ep)	All versions

Configuration I

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80x09ra Kl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80x09ra Kl	All versions

Configuration J

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd80x09s Kl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd80x09s Kl	All versions

Configuration K

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd88x09s Kl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd88x09s Kl	All versions

Configuration L

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8904r Pl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8904r Pl	All versions

Configuration M

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8904r Yl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8904r Yl	All versions

Configuration N

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8904t Gsc Xpoe Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8904t Gsc Xpoe	All versions

Configuration O

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8904t Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8904t Q	All versions

Configuration P

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8908r Pl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8908r Pl	All versions

Configuration Q

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8908r Yl Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8908r Yl	All versions

Configuration R

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8908t Pl Xpoe Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8908t Pl Xpoe	All versions

Configuration S

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8908t Plc Xpoe Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8908t Plc Xpoe	All versions

Configuration T

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8916f4 Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8916f4 Q	All versions

Configuration U

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Xiongmaitech Nbd8916f8 Q Firmware	All versions

Running on/with	Platform Versions
Xiongmaitech Nbd8916f8 Q	All versions

Related CWEs

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References (2)

https://vulncheck.com/blog/xiongmai-iot-exploitation

Source: cve@mitre.org

ExploitTechnical DescriptionThird Party Advisory

https://vulncheck.com/blog/xiongmai-iot-exploitation

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitTechnical DescriptionThird Party Advisory

Timeline

No history available yet.