{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2022-4982", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-11-12T16:47:57.264Z", "datePublished": "2025-11-12T22:10:11.204Z", "dateUpdated": "2025-11-13T14:35:36.484Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unknown", "modules": ["Web server (frame.html / frame.A100.html handlers)"], "product": "GoIP-1", "vendor": "DBL Technology (DBLTek)", "versions": [{"lessThanOrEqual": "GHSFVT-1.1-67-5", "status": "affected", "version": "0", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Valtteri Lehtinen"}, {"lang": "en", "type": "finder", "value": "Lassi Korhonen"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC."}], "value": "DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC."}], "impacts": [{"capecId": "CAPEC-193", "descriptions": [{"lang": "en", "value": "CAPEC-193 PHP Remote File Inclusion"}]}, {"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-98", "description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-11-12T22:10:11.204Z"}, "references": [{"tags": ["technical-description", "exploit"], "url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/"}, {"tags": ["exploit"], "url": "https://www.exploit-db.com/exploits/50775"}, {"tags": ["product"], "url": "http://www.dbltek.com/"}, {"tags": ["third-party-advisory"], "url": "https://www.vulncheck.com/advisories/dbltek-goip-unauthenticated-lfi"}], "source": {"discovery": "UNKNOWN"}, "tags": ["x_known-exploited-vulnerability"], "timeline": [{"lang": "en", "time": "2022-02-15T17:00:00.000Z", "value": "Researcher publicly discloses vulnerability."}], "title": "DBLTek GoIP-1 vGHSFVT-1.1-67-5 Unauthenticated LFI", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"references": [{"url": "https://www.exploit-db.com/exploits/50775", "tags": ["exploit"]}, {"url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-11-13T14:30:07.758975Z", "id": "CVE-2022-4982", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-13T14:35:36.484Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-4982", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-11-13T14:30:07.758975Z"}}}], "references": [{"url": "https://www.exploit-db.com/exploits/50775", "tags": ["exploit"]}, {"url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-11-13T14:30:16.743Z"}}], "cna": {"tags": ["x_known-exploited-vulnerability"], "title": "DBLTek GoIP-1 vGHSFVT-1.1-67-5 Unauthenticated LFI", "source": {"discovery": "UNKNOWN"}, "credits": [{"lang": "en", "type": "finder", "value": "Valtteri Lehtinen"}, {"lang": "en", "type": "finder", "value": "Lassi Korhonen"}], "impacts": [{"capecId": "CAPEC-193", "descriptions": [{"lang": "en", "value": "CAPEC-193 PHP Remote File Inclusion"}]}, {"capecId": "CAPEC-126", "descriptions": [{"lang": "en", "value": "CAPEC-126 Path Traversal"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.7, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "DBL Technology (DBLTek)", "modules": ["Web server (frame.html / frame.A100.html handlers)"], "product": "GoIP-1", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "GHSFVT-1.1-67-5"}], "defaultStatus": "unknown"}], "timeline": [{"lang": "en", "time": "2022-02-15T17:00:00.000Z", "value": "Researcher publicly discloses vulnerability."}], "references": [{"url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/", "tags": ["technical-description", "exploit"]}, {"url": "https://www.exploit-db.com/exploits/50775", "tags": ["exploit"]}, {"url": "http://www.dbltek.com/", "tags": ["product"]}, {"url": "https://www.vulncheck.com/advisories/dbltek-goip-unauthenticated-lfi", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC.", "supportingMedia": [{"type": "text/html", "value": "DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-98", "description": "CWE-98 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-22", "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-11-12T22:10:11.204Z"}}}, "cveMetadata": {"cveId": "CVE-2022-4982", "state": "PUBLISHED", "dateUpdated": "2025-11-13T14:35:36.484Z", "dateReserved": "2025-11-12T16:47:57.264Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-11-12T22:10:11.204Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers (`frame.html` and `frame.A100.html`) that accept a path parameter (`content` or `sidebar`) which is not properly validated or canonicalized. An attacker can supply directory-traversal sequences to cause the server to read and return arbitrary filesystem files that the webserver user can access. Other GoIP models and firmware versions are likely affected. Exploitation evidence was observed by the Shadowserver Foundation on 2024-03-21 UTC."}], "id": "CVE-2022-4982", "lastModified": "2025-11-13T15:15:48.843", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "disclosure@vulncheck.com", "type": "Secondary"}]}, "published": "2025-11-12T22:15:42.187", "references": [{"source": "disclosure@vulncheck.com", "url": "http://www.dbltek.com/"}, {"source": "disclosure@vulncheck.com", "url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/"}, {"source": "disclosure@vulncheck.com", "url": "https://www.exploit-db.com/exploits/50775"}, {"source": "disclosure@vulncheck.com", "url": "https://www.vulncheck.com/advisories/dbltek-goip-unauthenticated-lfi"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://shufflingbytes.com/posts/hacking-goip-gsm-gateway/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://www.exploit-db.com/exploits/50775"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}, {"lang": "en", "value": "CWE-98"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"created": "2025-11-13T15:50:19.606331+00:00", "updated": "2025-11-13T15:50:19.606362+00:00", "vendors": ["dbltek", "dbltek$PRODUCT$goip"]}