CVE-2022-27644 in R6700v3informação

Sumário

de MITRE • 29/03/2023

This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the downloading of files via HTTPS. The issue results from the lack of proper validation of the certificate presented by the server. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15797.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsável

Zero Day Initiative

Reservar

22/03/2022

Divulgação

29/03/2023

Moderação

aceite

Entrada

VDB-224497

CPE

pronto

EPSS

0.00339

KEV

não

Atividades

muito baixo

Fontes

Do you need the next level of professionalism?

Upgrade your account now!