{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-17T06:08:33.537","vulnerabilities":[{"cve":{"id":"CVE-2022-35733","sourceIdentifier":"vultures@jpcert.or.jp","published":"2022-08-23T02:15:07.503","lastModified":"2024-11-21T07:11:34.117","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Missing authentication for critical function vulnerability in UNIMO Technology digital video recorders (UDR-JA1004/JA1008/JA1016 firmware versions v1.0.20.13 and earlier, and UDR-JA1016 firmware versions v2.0.20.13 and earlier) allows a remote unauthenticated attacker to execute an arbitrary OS command by sending a specially crafted request to the affected device web interface."},{"lang":"es","value":"Una falta de autenticación para la vulnerabilidad de la función crítica en los grabadores de vídeo digital de UNIMO Technology (versiones de firmware UDR-JA1004/JA1008/JA1016 versiones v1.0.20.13 y anteriores, y versiones de firmware UDR-JA1016 v2.0.20.13 y anteriores) permite a un atacante remoto no autenticado ejecutar un comando arbitrario del Sistema Operativo mediante el envío de una petición especialmente diseñada a la interfaz web del dispositivo afectado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-306"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:unimo:udr-ja1004_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.20.13","matchCriteriaId":"7EBDB7B7-0B10-46EB-BE94-9AF036778D81"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:unimo:udr-ja1004:-:*:*:*:*:*:*:*","matchCriteriaId":"DD4FF086-3812-43FF-86A3-6A464612AEE0"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:unimo:udr-ja1008_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"1.0.20.13","matchCriteriaId":"B92067E5-4411-4A8B-BD49-F5937EA16089"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:unimo:udr-ja1008:-:*:*:*:*:*:*:*","matchCriteriaId":"C6574581-471F-4812-8FFE-F41923C5B7EB"}]}]},{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:unimo:udr-ja1016_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"2.0.20.13","matchCriteriaId":"799CC776-530D-4CD6-B7EE-C8A6963A6E7B"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:unimo:udr-ja1016:-:*:*:*:*:*:*:*","matchCriteriaId":"62CF8836-F7F4-43CB-BA04-FF506DFB53F9"}]}]}],"references":[{"url":"http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1643590226-637355","source":"vultures@jpcert.or.jp","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU90821877/index.html","source":"vultures@jpcert.or.jp","tags":["Third Party Advisory"]},{"url":"http://www.unimo.co.jp/table_notice/index.php?act=1&resid=1643590226-637355","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://jvn.jp/en/vu/JVNVU90821877/index.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}