CVE-2022-37934: Path Traversal
First published: Thu Jan 05 2023(Updated: )
A potential security vulnerability has been identified in HPE OfficeConnect 1820, and 1850 switch series. The vulnerability could be remotely exploited to allow remote directory traversal in HPE OfficeConnect 1820 switch series version PT.02.17 and below, HPE OfficeConnect 1850 switch series version PC.01.23 and below, and HPE OfficeConnect 1850 (10G aggregator) switch version PO.01.22 and below.
Credit: security-alert@hpe.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Hp Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a Firmware | <pt.02.17 | |
| Hp Officeconnect 1820 24g Poe\+ \(185w\) Switch J9983a | ||
| Hp Officeconnect 1820 48g Poe\+ \(370w\) Switch J9984a Firmware | <pt.02.17 | |
| Hp Officeconnect 1820 48g Poe\+ \(370w\) Switch J9984a | ||
| Hp Officeconnect 1820 8g Poe\+ \(65w\) Switch J9982a Firmware | <pt.02.17 | |
| Hp Officeconnect 1820 8g Poe\+ \(65w\) Switch J9982a | ||
| Hp Officeconnect 1820 8g Switch J9979a Firmware | <pt.02.17 | |
| Hp Officeconnect 1820 8g Switch J9979a | ||
| Hpe Officeconnect 1850 24g 2xgt Firmware | <pc.01.23 | |
| Hpe Officeconnect 1850 24g 2xgt | ||
| Hpe Officeconnect 1850 24g 2xgt Poe\+ Firmware | <pc.01.23 | |
| Hpe Officeconnect 1850 24g 2xgt Poe\+ | ||
| Hpe Officeconnect 1850 2xgt\/spf\+ Firmware | <po.01.22 | |
| Hpe Officeconnect 1850 2xgt\/spf\+ | ||
| Hpe Officeconnect 1850 48g 4xgt Firmware | <pc.01.23 | |
| Hpe Officeconnect 1850 48g 4xgt | ||
| Hpe Officeconnect 1850 48g 4xgt Poe\+ Firmware | <pc.01.23 | |
| Hpe Officeconnect 1850 48g 4xgt Poe\+ | ||
| Hpe Officeconnect 1850 6xgt Firmware | <pc.01.23 | |
| Hpe Officeconnect 1850 6xgt |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-37934?
CVE-2022-37934 is a potential security vulnerability in HPE OfficeConnect 1820 and 1850 switch series.
How can CVE-2022-37934 be exploited?
CVE-2022-37934 can be remotely exploited to allow remote directory traversal.
Which versions of HPE OfficeConnect 1820 switch series are affected by CVE-2022-37934?
CVE-2022-37934 affects HPE OfficeConnect 1820 switch series version PT.02.17 and below.
Which versions of HPE OfficeConnect 1850 switch series are affected by CVE-2022-37934?
CVE-2022-37934 does not affect any versions of HPE OfficeConnect 1850 switch series.
How severe is CVE-2022-37934?
CVE-2022-37934 has a severity rating of 7.5 (high).
- collector/nvd-index
- agent/author
- agent/weakness
- agent/severity
- agent/references
- agent/description
- agent/type
- agent/tags
- agent/event
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/hp
- canonical/hp officeconnect 1820 24g poe\+ \(185w\) switch j9983a firmware
- canonical/hp officeconnect 1820 24g poe\+ \(185w\) switch j9983a
- canonical/hp officeconnect 1820 48g poe\+ \(370w\) switch j9984a firmware
- canonical/hp officeconnect 1820 48g poe\+ \(370w\) switch j9984a
- canonical/hp officeconnect 1820 8g poe\+ \(65w\) switch j9982a firmware
- canonical/hp officeconnect 1820 8g poe\+ \(65w\) switch j9982a
- canonical/hp officeconnect 1820 8g switch j9979a firmware
- canonical/hp officeconnect 1820 8g switch j9979a
- vendor/hpe
- canonical/hpe officeconnect 1850 24g 2xgt firmware
- canonical/hpe officeconnect 1850 24g 2xgt
- canonical/hpe officeconnect 1850 24g 2xgt poe\+ firmware
- canonical/hpe officeconnect 1850 24g 2xgt poe\+
- canonical/hpe officeconnect 1850 2xgt\/spf\+ firmware
- canonical/hpe officeconnect 1850 2xgt\/spf\+
- canonical/hpe officeconnect 1850 48g 4xgt firmware
- canonical/hpe officeconnect 1850 48g 4xgt
- canonical/hpe officeconnect 1850 48g 4xgt poe\+ firmware
- canonical/hpe officeconnect 1850 48g 4xgt poe\+
- canonical/hpe officeconnect 1850 6xgt firmware
- canonical/hpe officeconnect 1850 6xgt