CVE-2022-38156

EPSS 0.35% · P58 Updated Feb 26, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2022-38156

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

A remote command injection issues exists in the web server of the Kratos SpectralNet device with SpectralNet Narrowband (NB) before 1.7.5. As an admin user, an attacker can send a crafted password in order to execute Linux commands as the root user.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Kratos SpectralNet 命令注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Kratos SpectralNet是美国Kratos公司的一个用于确保 QoS 和 SLA 的载波级数字化器。 Kratos SpectralNet Narrowband (NB) 1.7.5 之前版本版本存在命令注入漏洞。攻击者利用该漏洞可以发送特制的密码，以 root 用户身份执行 Linux 命令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2022-38156

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2022-38156

请登录查看更多情报信息。

Same Patch Batch · n/a · 2023-06-12 · 27 CVEs total

CVE-2023-26133	8.2 HIGH	ProgressBar.js 安全漏洞
CVE-2023-30198	7.5 HIGH	PrestaShop 路径遍历漏洞
CVE-2023-34581		Service Provider Management System SQL注入漏洞
CVE-2023-28478		TP-LINK EC-70 缓冲区错误漏洞
CVE-2023-33625		D-Link DIR-600 命令注入漏洞
CVE-2023-33626		D-Link DIR-600 缓冲区错误漏洞
CVE-2023-34940		ASUS RT-N10LX 缓冲区错误漏洞
CVE-2023-34941		ASUS RT-N10LX 跨站脚本漏洞
CVE-2023-34942		ASUS RT-N10LX 缓冲区错误漏洞
CVE-2023-3161		Linux kernel 安全漏洞
CVE-2023-27716		kafkaUI-lite 安全漏洞
CVE-2023-3159		Linux kernel 资源管理错误漏洞
CVE-2023-34488		NanoMQ 缓冲区错误漏洞
CVE-2023-34494		NanoMQ 资源管理错误漏洞
CVE-2023-35042		GeoServer 安全漏洞
CVE-2023-33253		LabCollector 代码问题漏洞
CVE-2023-33290		git-url-parse 安全漏洞
CVE-2023-33492		EyouCms 跨站脚本漏洞
CVE-2023-34855		D-Link AC Centralized Management Platform 跨站脚本漏洞
CVE-2020-36732		Node.js 安全特征问题漏洞

Showing top 20 of 27 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2022-38156

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2022-38156

I. Basic Information for CVE-2022-38156

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2022-38156

III. Intelligence Information for CVE-2022-38156

Same Patch Batch · n/a · 2023-06-12 · 27 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2022-38156

Leave a comment