CVE-2022-45045

High · Public PoC · RCE

Published: 01 December 2022

Modified: 24 April 2025
CVSS Score v3.1: 8.8 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0106 (78.1th percentile)
Risk Priority: 18 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-45045 is a high-severity OS Command Injection (CWE-78) vulnerability in Xiongmaitech Mbd6304T. Its CVSS base score is 8.8 (High).

Operationally, it ranks in the top 21.9% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

EU & UK References

Vulnerability details

Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated attacker, possibly using the default admin:tlJwpbo6 credentials, can connect to port 34567 and execute arbitrary operating system commands via a crafted JSON file during an upgrade request. Since at least 2021, Xiongmai has applied patches to prevent attackers from using this mechanism to execute telnetd.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

xiongmaitech · mbd6304t · all versions
xiongmaitech · nbd6808t-pl · all versions
xiongmaitech · nbd7004t-p · all versions
xiongmaitech · nbd7008t-p · all versions
xiongmaitech · nbd7016t-f-v2 · all versions
xiongmaitech · nbd7024h-p · all versions
xiongmaitech · nbd7024t-p · all versions
xiongmaitech · nbd7804r-f\(ep\) · all versions
xiongmaitech · nbd7804r-f\(hdmi\) · all versions
xiongmaitech · nbd7804r-fw · all versions
+134 more product configuration(s) — see NVD for full list

Mitigating Controls

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-78

Platform-independent apps typically execute inside a managed runtime or sandbox that restricts direct OS command execution, reducing the ability to exploit OS command injection.

addresses: CWE-78

Validates inputs to block special elements that would alter OS command execution.

References