免费扫描
CRITICALCVE-2022-31483CVSS 9.1

通过经过身份验证的OSDP文件上传实现任意文件写入

平台

linux

组件

hid-mercury-intelligent-controllers

修复版本

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

1.271

AI Confidence: highNVDEPSS 0.6%已审阅: 2026年5月
在NVD查看
保存
正在翻译为您的语言…

CVE-2022-31483 describes an Arbitrary File Access vulnerability present in HID Mercury Intelligent Controllers running firmware versions prior to 1.271. This vulnerability allows an authenticated attacker to upload files with manipulated filenames, enabling them to overwrite sensitive system files. Successful exploitation can lead to root access on the underlying Linux operating system, posing a significant security risk.

影响与攻击场景翻译中…

The impact of CVE-2022-31483 is severe. An attacker exploiting this vulnerability can upload arbitrary files to any location on the controller's filesystem. This allows for the overwriting of critical system files, potentially leading to a complete compromise of the device. The attacker could install a startup service to maintain persistent remote access with root privileges, effectively establishing a backdoor. This could be leveraged for data exfiltration, denial of service, or further attacks against connected systems. The ability to gain root access represents a significant escalation of privileges and a substantial blast radius.

利用背景翻译中…

CVE-2022-31483 was publicly disclosed on June 6, 2022. While no active exploitation campaigns have been publicly confirmed, the vulnerability's critical severity and ease of exploitation make it a potential target. The vulnerability is not currently listed on the CISA KEV catalog. Public proof-of-concept exploits are not widely available, but the vulnerability's nature suggests that development is likely. The ability to achieve root access with relative ease increases the likelihood of exploitation.

哪些人处于风险中翻译中…

Organizations utilizing HID Mercury Intelligent Controllers in industrial control systems, building automation networks, or any environment where these controllers manage critical infrastructure are at significant risk. Specifically, deployments relying on older firmware versions (≤1.271) and those with limited network segmentation are particularly vulnerable. Shared hosting environments where multiple tenants share the same controller hardware also present an increased risk surface.

检测步骤翻译中…

• linux / server:

journalctl -u hid-mercury -f | grep -i "upload"

• linux / server:

find / -name '*..*' -print 2>/dev/null

• linux / server:

lsof -i :8080 # Check for unusual processes listening on web ports

攻击时间线

  1. Disclosure

    disclosure

威胁情报

漏洞利用状态

概念验证未知
CISA KEVNO
互联网暴露

EPSS

0.62% (70% 百分位)

CVSS 向量

威胁情报· CVSS 3.1CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H9.1CRITICALAttack VectorNetwork攻击者如何到达目标Attack ComplexityLow利用漏洞所需的条件Privileges RequiredHigh攻击所需的认证级别User InteractionNone是否需要受害者采取行动ScopeChanged超出受影响组件的影响范围ConfidentialityHigh敏感数据泄露风险IntegrityHigh数据未授权篡改风险AvailabilityHigh服务中断风险nextguardhq.com · CVSS v3.1 基础分数
这些指标意味着什么?
Attack Vector
网络 — 可通过互联网远程利用,无需物理或本地访问。攻击面最大。
Attack Complexity
低 — 无需特殊条件,可以稳定地利用漏洞。
Privileges Required
高 — 需要管理员或特权账户。
User Interaction
无 — 攻击自动且无声,受害者无需任何操作。
Scope
已改变 — 攻击可以超出脆弱组件,影响其他系统。
Confidentiality
高 — 完全丧失机密性,攻击者可读取所有数据。
Integrity
高 — 攻击者可写入、修改或删除任何数据。
Availability
高 — 完全崩溃或资源耗尽,完全拒绝服务。

受影响的软件

组件hid-mercury-intelligent-controllers
供应商LenelS2
影响范围修复版本
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271
ALL – 1.2711.271

弱点分类 (CWE)

CWE-22

时间线

  1. 已保留
  2. 发布日期
  3. 修改日期
  4. EPSS 更新日期

缓解措施和替代方案翻译中…

The primary mitigation for CVE-2022-31483 is to upgrade the HID Mercury Intelligent Controllers firmware to version 1.271 or later. If an immediate upgrade is not possible due to compatibility concerns or system downtime requirements, consider implementing stricter file upload validation on the web interface to prevent the injection of malicious filenames containing “..” and “/”. While not a complete solution, this can reduce the attack surface. Monitor system logs for unusual file creation or modification activity, particularly in sensitive system directories. After upgrading the firmware, verify the fix by attempting a file upload with a filename containing “..” and “/” – the upload should be rejected.

修复方法

将HID Mercury Intelligent Controllers的固件更新到1.271或更高版本。 这修复了允许任意文件写入和潜在获得root权限的远程访问漏洞。

CVE 安全通讯

漏洞分析和关键警报直接发送到您的邮箱。

常见问题翻译中…

What is CVE-2022-31483 — Arbitrary File Access in HID Mercury Controllers?

CVE-2022-31483 is a critical vulnerability allowing authenticated attackers to upload files to any location on HID Mercury Intelligent Controllers, potentially leading to root access and system compromise.

Am I affected by CVE-2022-31483 in HID Mercury Controllers?

You are affected if you are using HID Mercury Intelligent Controllers with firmware versions equal to or less than 1.271. Check your firmware version and upgrade immediately if necessary.

How do I fix CVE-2022-31483 in HID Mercury Controllers?

The recommended fix is to upgrade the firmware to version 1.271 or later. Implement stricter file upload validation as a temporary workaround if an upgrade is not immediately possible.

Is CVE-2022-31483 being actively exploited?

While no active exploitation campaigns have been publicly confirmed, the vulnerability's severity and ease of exploitation suggest it is a potential target.

Where can I find the official HID advisory for CVE-2022-31483?

Refer to the HID advisory for detailed information and updates: https://www.hidglobal.com/security-advisory/hid-mercury-intelligent-controllers-arbitrary-file-access-vulnerability

你的项目受影响吗?

上传你的依赖文件,立即了解此CVE和其他CVE是否影响你。

免费扫描搜索 CVE