CVE-2022-21810 HIGH

CVE-2022-21810

Vendor N/A
Product smartctl
Weakness CWE-78
Published January 25, 2023
Last update April 1, 2025
View on NVD All CVEs

CVSS base score

7.4/10
Attack vector Local
Attack complexity High
Privileges required None
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P

What the vulnerability does

01Description

All versions of the package smartctl are vulnerable to Command Injection via the info method due to improper input sanitization.

Key dates

02Disclosure timeline

January 25, 2023 CVE published
April 1, 2025 Record updated