A vulnerability, which was classified as critical, has been found in Linksys WRT54GL up to 4.30.18.006 (Router Operating System). Affected by this issue is the function Check_TSSI of the file /apply.cgi of the component httpd. The manipulation with an unknown input leads to a os command injection vulnerability. Using CWE to declare the problem leads to CWE-78. The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. Impacted is confidentiality, integrity, and availability. CVE summarizes:

An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.

The weakness was published 01/10/2023. The advisory is available at youtu.be. This vulnerability is handled as CVE-2022-43973 since 10/28/2022. Technical details are known, but there is no available exploit. The structure of the vulnerability defines a possible price range of USD $0-$5k at the moment (estimation calculated on 01/10/2023). This vulnerability is assigned to T1202 by the MITRE ATT&CK project.

There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Productinfo

Type

• Router Operating System

Vendor

• Linksys

Name

• WRT54GL

License

• commercial

CPE 2.3info

• 🔒

CPE 2.2info

• 🔒

Video

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion