{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T07:14:45.266","vulnerabilities":[{"cve":{"id":"CVE-2022-1669","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-05-24T18:15:08.353","lastModified":"2026-06-17T04:22:53.807","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any \"Address\" value and it would be copied to a second variable with a \"strcpy\" vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address."},{"lang":"es","value":"Se ha detectado una vulnerabilidad de desbordamiento de búfer en la función de firewall del portal web de administración del dispositivo. El dispositivo ejecuta un binario CGI (index.cgi) para ofrecer una aplicación web de administración. Una vez autenticado con credenciales válidas en este portal web, un potencial atacante podría enviar cualquier valor \"Address\" y éste sería copiado a una segunda variable con una función vulnerable \"strcpy\" sin comprobar su longitud. Debido a esto, es posible enviar un valor de dirección largo para desbordar la pila del proceso, controlando la dirección de retorno de la función"}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"CIRCUTOR","product":"COMPACT DC-S BASIC","versions":[{"version":"CIR_CDC_v1.2.17","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":6.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.6,"impactScore":5.2},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:P","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2025-04-16T15:51:49.403979Z","id":"CVE-2022-1669","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-121"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:circutor:compact_dc-s_basic_firmware:1.2.17:*:*:*:*:*:*:*","matchCriteriaId":"EF4F1A36-3E03-4F15-BB01-2F6B759FD683"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:circutor:compact_dc-s_basic:-:*:*:*:*:*:*:*","matchCriteriaId":"F13E8571-BE1E-4041-81F8-0F59713927DE"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-137-01","source":"ics-cert@hq.dhs.gov","tags":["Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-137-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","US Government Resource"]}]}}]}