CVE-2022-25916 HIGH

CVE-2022-25916

Vendor N/A

Product mt7688-wiscan

Weakness CWE-78

Published February 1, 2023

Last update March 27, 2025

View on NVD All CVEs

CVSS base score

7.4/10

Attack vector Local

Attack complexity High

Privileges required None

User interaction None

Confidentiality High

Integrity High

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P

What the vulnerability does

01Description

Versions of the package mt7688-wiscan before 0.8.3 are vulnerable to Command Injection due to improper input sanitization in the 'wiscan.scan' function.

Key dates

02Disclosure timeline

February 1, 2023 CVE published

March 27, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2022-25916 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/78.html

Related vulnerabilities

CVE-2022-25916

01Description

02Disclosure timeline

03References

04Related CVE