{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T19:03:17.912","vulnerabilities":[{"cve":{"id":"CVE-2022-31483","sourceIdentifier":"productsecurity@carrier.com","published":"2022-06-06T17:15:11.397","lastModified":"2026-06-17T04:45:32.153","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An authenticated attacker can upload a file with a filename including “..” and “/” to achieve the ability to upload the desired file anywhere on the filesystem. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.271. This allows a malicious actor to overwrite sensitive system files and install a startup service to gain remote access to the underlaying Linux operating system with root privileges."},{"lang":"es","value":"Un atacante autenticado puede cargar un archivo con un nombre de archivo que incluya \"..\" y \"/\" para lograr la capacidad de cargar el archivo deseado en cualquier lugar del sistema de archivos. Esta vulnerabilidad afecta a los productos basados en los controladores inteligentes HID Mercury LP1501, LP1502, LP2500, LP4502 y EP4502 que contienen versiones de firmware anteriores a 1.271. Esto permite a un actor malicioso sobrescribir archivos confidenciales del sistema e instalar un servicio de inicio para conseguir acceso remoto al sistema operativo Linux subyacente con privilegios de root"}],"affected":[{"source":"productsecurity@carrier.com","affectedData":[{"vendor":"LenelS2","product":"LNL-X2210","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"LNL-X2220","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"LNL-X3300","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"LNL-X4420","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"LNL-4420","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"S2-LP-1501","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"S2-LP-1502","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"S2-LP-2500","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"LenelS2","product":"S2-LP-4502","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"HID Mercury","product":"LP1501","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"HID Mercury","product":"LP1502","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"HID Mercury","product":"LP2500","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"HID Mercury","product":"LP4502","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]},{"vendor":"HID Mercury","product":"EP4502","versions":[{"version":"ALL","lessThan":"1.271","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"productsecurity@carrier.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H","baseScore":9.1,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.3,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"productsecurity@carrier.com","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hidglobal:lp1501_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"C17212A5-3C38-4067-B845-5CA6B290D276"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hidglobal:lp1501:-:*:*:*:*:*:*:*","matchCriteriaId":"B9DC3EC5-C67D-4FE5-8B53-04AB785588FE"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hidglobal:lp1502_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"05D0B9D1-C1BC-4056-BB5A-1E81FE9DCB77"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hidglobal:lp1502:-:*:*:*:*:*:*:*","matchCriteriaId":"902FDABA-C5D0-4CAE-BBDF-E4338D3A4DAF"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hidglobal:lp2500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"082CB88E-5997-4F6E-B5AA-E68F8BF6B5EB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hidglobal:lp2500:-:*:*:*:*:*:*:*","matchCriteriaId":"AAC2A69E-BF7D-448B-8347-19CFFABED15A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hidglobal:lp4502_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"A8517CDE-2F15-4969-914D-E19D44EE7E04"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hidglobal:lp4502:-:*:*:*:*:*:*:*","matchCriteriaId":"22147A65-6ADE-46F3-AFF8-E46CE81D6E8B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:hidglobal:ep4502_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"0960D158-39A8-477D-AD91-0C6608991DD8"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:hidglobal:ep4502:-:*:*:*:*:*:*:*","matchCriteriaId":"F9A28A38-C57D-4FC6-8CAA-0011AF06D290"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_lnl-4420_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"907CFD2A-E23C-4F58-B3F1-F961903E1648"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_lnl-4420:-:*:*:*:*:*:*:*","matchCriteriaId":"36855319-E36B-47C3-B27E-E1509D1C9D4D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_lnl-x2210_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"D5C78505-AFF8-4410-A78B-3E83DF61B6BB"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_lnl-x2210:-:*:*:*:*:*:*:*","matchCriteriaId":"3B091C8F-2C3A-47C9-92AC-550D977F781A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_lnl-x2220_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"79174124-C90B-4210-AF1F-F2D9D505BBE4"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_lnl-x2220:-:*:*:*:*:*:*:*","matchCriteriaId":"15FD8460-39D0-46C4-9F04-EB3B6C72767A"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_lnl-x3300_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"BD83BFD0-A6FB-495D-AD79-A2DA848A7472"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_lnl-x3300:-:*:*:*:*:*:*:*","matchCriteriaId":"389BE7A1-1B57-4097-9AAF-A6931C06BA15"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_lnl-x4420_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"13AB3AC0-CEEE-49F0-B459-321468745739"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_lnl-x4420:-:*:*:*:*:*:*:*","matchCriteriaId":"2BC2BAEA-E139-47C2-9A8F-857AB1C7D54B"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_s2-lp-1501_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"532CEFDB-FCBB-496A-B9EE-176601135C0B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_s2-lp-1501:-:*:*:*:*:*:*:*","matchCriteriaId":"3183C665-CD31-446D-8D95-908148675D25"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_s2-lp-1502_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"3D6FE29B-1198-48C9-AE5D-CB4F7CC3C66E"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_s2-lp-1502:-:*:*:*:*:*:*:*","matchCriteriaId":"93B38941-79D8-41E7-9763-989C0C3B6139"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_s2-lp-2500_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"1AA34E5E-ED96-440F-AAF0-E4DC9FFFC2CE"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_s2-lp-2500:-:*:*:*:*:*:*:*","matchCriteriaId":"1724D78F-EE79-4E48-BDB2-D399C573F42D"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:carrier:lenels2_s2-lp-4502_firmware:*:*:*:*:*:*:*:*","versionEndExcluding":"1.271","matchCriteriaId":"595A6A8C-D92D-4C61-919D-231757487A77"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:carrier:lenels2_s2-lp-4502:-:*:*:*:*:*:*:*","matchCriteriaId":"115129D2-5134-4BCD-B5D0-263F4687B59D"}]}]}],"references":[{"url":"https://www.corporate.carrier.com/product-security/advisories-resources/","source":"productsecurity@carrier.com","tags":["Vendor Advisory"]},{"url":"https://www.corporate.carrier.com/product-security/advisories-resources/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}