.. / CVE-2022-40022

Exploit for Symmetricom SyncServer Unauthenticated - Remote Command Execution (CVE-2022-40022)

Description:

Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection vulnerability.

Nuclei Template

View the template here CVE-2022-40022.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-40022.yaml
Copy

References:

https://www.microsemi.com/campaigns/network-time-servers/syncserver-s600/?url=
http://packetstormsecurity.com/files/172907/Symmetricom-SyncServer-Unauthenticated-Remote-Command-Execution.html
https://www.microsemi.com/campaigns/network-time-servers/S650p/%3Fgd%3D1&id=5&gclid=Cj0KCQjwjbyYBhCdARIsAArC6LL-202ej5YfDB5lMIMSZ2735qjo5yaj2i-PrvLv2Cnh_kIJtFJ0oF8aAlMpEALw_wcB
https://nvd.nist.gov/vuln/detail/CVE-2022-40022
https://www.microsemi.com/document-portal/doc_download/135737-datasheet-syncserver-s650