Exploit
CVE-2022-48217

Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) (CWE-75)

Published: Jan 4, 2023 / Updated: 22mo ago

CVSS 8.1 / EPSS 0.11% / High

** DISPUTED ** The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled old_tf_topic_name and/or new_tf_topic_name parameter. NOTE: the vendor's position is "it is the responsibility of the programmer to make sure that only known and required parameters are set and unexpected parameters are not."

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

First Article

Feedly found the first article mentioning CVE-2022-48217.

Jan 4, 2023 at 7:14 PM / twitter.com

EPSS

EPSS Score was set to: 0.11% (Percentile: 42.6%)

Sep 23, 2023 at 2:40 AM

Affected Systems

Tradr-project/tf_remapper

Exploits

https://github.com/tradr-project/tf_remapper_cpp/issues/1

Links to MITRE ATT&CK

T1070: Indicator Removal on Host

Attack Patterns

CAPEC-81: Web Logs Tampering

News

CVE-2022-48217
Severity: None Published: 04/01/2023 Last revised: 04/01/2023 Description: *** Pending translation *** ** DISPUTED ** The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled old_tf_topic_name and/or new_tf_topic_name parameter. NOTE: the vendor's position is "it is the responsibility of the programmer to make sure that only known and required parameters are set and unexpected parameters are not."
NA - CVE-2022-48217 - ** DISPUTED ** The tf_remapper_node component...
** DISPUTED ** The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a...
CVE-2022-48217
** DISPUTED ** The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control the source code of a different node in the same ROS application, to change a robot's behavior. This occurs because a topic name depends on the attacker-controlled old_tf_topic_name and/or new_tf_topic_name parameter. NOTE: the vendor's position is "it is the responsibility of the programmer to make sure that only known and required parameters are set and unexpected parameters are not." (CVSS:0.0) (Last Update:2023-01-04)

CVSS V3.1

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
