NVD disclosure day

Published threat advisories for May 12, 2022

CVE-2022-29303

SolarView Compact Command Injection Vulnerability.

Halo Surface Signal: 4 out of 5 — likely to be public-facing.

A command injection vulnerability in SolarView Compact's web server can allow attackers to execute arbitrary commands. This could lead to system compromise and data loss. The business risk is high due to potential unauthorized access and control.

NVD published: May 12, 2022 • CISA KEV

CVE advisoryKnown Exploit

CVE-2022-30525

Zyxel Firewall Command Injection Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in certain Zyxel firewall devices allows attackers to modify files and execute OS commands. This can lead to unauthorized system control and compromise, posing a significant business risk. Organizations should identify and update affected devices promptly.

NVD published: May 12, 2022 • CISA KEV