CVE-2022-33322 Information

Nov 09, 2022 cve

Description

Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products (Air Conditioning Wi-Fi Interface Refrigerator HEMS adapter Remote control with Wi-Fi Interface BATHROOM THERMO VENTILATOR Rice cooker Mitsubishi Electric HEMS control adapter Energy Recovery Ventilator Smart Switch and Air Purifier) allows a remote unauthenticated attacker to execute an malicious script on a user’s browser to disclose information etc. The wide range of models/versions of Mitsubishi Electric consumer electronics products are affected by this vulnerability. As for the affected product models/versions see the Mitsubishi Electric’s advisory which is listed in [References] section.

Reference

https://jvn.jp/vu/JVNVU96767562/index.html https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2022-011_en.pdf

Share on: