CVE-2022-43973 in WRT54GLinformation

Résumé

par MITRE • 10/01/2023

An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.

Be aware that VulDB is the high quality source for vulnerability data.

Responsable

Trellix

Réserver

28/10/2022

Divulgation

10/01/2023

Modérer

accepté

Entrée

VDB-217730

CPE

prêt

EPSS

0.01855

KEV

non

Activités

très faible

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!