CVE-2022-43973 in WRT54GLИнформация

Сводка

по MITRE • 10.01.2023

An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.

Be aware that VulDB is the high quality source for vulnerability data.

Ответственный

Trellix

Резервировать

28.10.2022

Раскрытие

10.01.2023

Модерация

принято

Вход

VDB-217730

EPSS

0.01855

KEV

Нет

Деятельности

Очень низкий

Источники

Interested in the pricing of exploits?

See the underground prices here!