CVE-2022-29516

The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100, 3200, 3500), IPCOM EX2 SC(1100, 3200, 3500), IPCOM EX2 NW(1100, 3200, 3500), IPCOM EX2 DC, IPCOM EX2 DC, IPCOM EX IN(2300, 2500, 2700), IPCOM EX LB(1100, 1300, 2300, 2500, 2700), IPCOM EX SC(1100, 1300, 2300, 2500, 2700), and IPCOM EX NW(1100, 1300, 2300, 2500, 2700)) allows a remote attacker to execute an arbitrary OS command via unspecified vectors.

Published: 2022-05-18 Last update: 2024-11-21 Assigner: [email protected] Source: [email protected]
NVD Status:ModifiedCVE State: published
View at NVD, CVE.org, EUVD

CVE-2022-29516 is rated High Risk (67.4/100): CVSS Critical severity, with medium exploitation likelihood (EPSS 1.90%). High exploitation likelihood—assess exposure and prioritize remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2022-29516

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2025-11-21 2.61% 1.90% -0.71%
2 2025-11-18 1.90% 2.61% +0.71%
3 2025-06-02 1.90%

Full EPSS history (15 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2022-29516

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
9.8 3.1 CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:N)
Could be attacked over the internet or any normal routed network—not just someone sitting at the machine.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
 3.9 5.9 [email protected]
10.0 2.0 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:C)
Complete confidentiality impact.
Integrity impact (I:C)
Complete integrity impact.
Availability impact (A:C)
Complete availability impact.
 10.0 10.0 [email protected]

Weakness enumeration for CVE-2022-29516

Affected software / configurations for CVE-2022-29516

Vendor Product Version Raw CPE
fujitsu ipcom_ex2_nw_1100_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_nw_1100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_nw_3500_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_nw_3500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_nw_3200_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_nw_3200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_sc_1100_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_sc_1100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_sc_3500_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_sc_3500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_sc_3200_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_sc_3200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_lb_1100_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_lb_1100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_lb_3500_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_lb_3500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_lb_3200_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_lb_3200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_in_1100_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_in_1100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_in_3200_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_in_3200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_in_3500_firmware < v01l05_nf0501 cpe:2.3:o:fujitsu:ipcom_ex2_in_3500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_dc_3500_firmware < v02l21_nf0201 cpe:2.3:o:fujitsu:ipcom_ex2_dc_3500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex2_dc_3200_firmware < v02l21_nf0201 cpe:2.3:o:fujitsu:ipcom_ex2_dc_3200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_in_2300_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_in_2300_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_in_2500_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_in_2500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_in_2700_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_in_2700_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_lb_1100_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_lb_1100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_lb_1300_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_lb_1300_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_lb_2300_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_lb_2300_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_lb_2500_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_lb_2500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_lb_2700_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_lb_2700_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_sc_1100_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_sc_1100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_sc_1300_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_sc_1300_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_sc_2300_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_sc_2300_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_sc_2500_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_sc_2500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_sc_2700_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_sc_2700_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_nw_1100_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_nw_1100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_nw_1300_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_nw_1300_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_nw_2300_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_nw_2300_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_nw_2500_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_nw_2500_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ex_nw_2700_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ex_nw_2700_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_100_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_200_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_220_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_220_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_plus_100_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_plus_200_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_plus_220_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus_220_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_plus2_200_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_ls_plus2_220_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_ls_plus2_220_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_sc_100_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_sc_100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_sc_200_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_sc_200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_sc_220_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_sc_220_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_sc_plus_100_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_sc_plus_100_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_sc_plus_200_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_sc_plus_200_firmware:*:*:*:*:*:*:*:*
fujitsu ipcom_ve2_sc_plus_220_firmware < e20l33_nf1101 cpe:2.3:o:fujitsu:ipcom_ve2_sc_plus_220_firmware:*:*:*:*:*:*:*:*

References for CVE-2022-29516

cvelogic Threat Intelligence