ip-com CVE Vulnerabilities & Metrics

Focus on ip-com vulnerabilities and metrics.

Last updated: 08 Mar 2025, 23:25 UTC

About ip-com Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with ip-com. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total ip-com CVEs: 20
Earliest CVE date: 27 Oct 2022, 18:15 UTC
Latest CVE date: 23 Dec 2022, 19:15 UTC

Latest CVE reference: CVE-2022-45721

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): 0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): 0.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical ip-com CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.0

Max CVSS: 0

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	20
4.0-6.9	0
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS ip-com CVEs

These are the five CVEs with the highest CVSS scores for ip-com, sorted by severity first and recency.

CVE-2022-45721 ip-com Published on 23 Dec 2022, 19:15 UTC (CVSS: 0)
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.
CVE-2022-45720 ip-com Published on 23 Dec 2022, 19:15 UTC (CVSS: 0)
IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.
CVE-2022-45719 ip-com Published on 23 Dec 2022, 19:15 UTC (CVSS: 0)
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.
CVE-2022-45718 ip-com Published on 23 Dec 2022, 19:15 UTC (CVSS: 0)
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.
CVE-2022-45717 ip-com Published on 23 Dec 2022, 19:15 UTC (CVSS: 0)
IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request.

All CVEs for ip-com

CVE-2022-45721 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function.

CVE-2022-45720 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function.

CVE-2022-45719 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the gotoUrl parameter in the formPortalAuth function.

CVE-2022-45718 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formIPMacBindAdd function.

CVE-2022-45717 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the usbPartitionName parameter in the formSetUSBPartitionUmount function. This vulnerability is exploited via a crafted GET request.

CVE-2022-45716 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.

CVE-2022-45715 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.

CVE-2022-45714 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.

CVE-2022-45712 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.

CVE-2022-45711 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a command injection vulnerability via the hostname parameter in the formSetNetCheckTools function.

CVE-2022-45710 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.

CVE-2022-45709 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple command injection vulnerabilities via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.

CVE-2022-45708 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function.

CVE-2022-45707 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.

CVE-2022-45706 ip-com vulnerability CVSS: 0 23 Dec 2022, 19:15 UTC

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.

CVE-2022-45005 ip-com vulnerability CVSS: 0 13 Dec 2022, 19:15 UTC

IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.

CVE-2022-43367 ip-com vulnerability CVSS: 0 27 Oct 2022, 18:15 UTC

IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the formSetDebugCfg function.

CVE-2022-43366 ip-com vulnerability CVSS: 0 27 Oct 2022, 18:15 UTC

IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to access sensitive information via the checkLoginUser, ate, telnet, version, setDebugCfg, and boot interfaces.

CVE-2022-43365 ip-com vulnerability CVSS: 0 27 Oct 2022, 18:15 UTC

IP-COM EW9 V15.11.0.14(9732) was discovered to contain a buffer overflow in the formSetDebugCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string.

CVE-2022-43364 ip-com vulnerability CVSS: 0 27 Oct 2022, 18:15 UTC

An access control issue in the password reset page of IP-COM EW9 V15.11.0.14(9732) allows unauthenticated attackers to arbitrarily change the admin password.