CVE-2022-43973 in WRT54GLthông tin

Tóm tắt

Bởi MITRE • 10/01/2023

An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.

Be aware that VulDB is the high quality source for vulnerability data.

chịu trách nhiệm

Trellix

Đặt trước

28/10/2022

Tiết lộ

10/01/2023

Kiểm duyệt

được chấp nhận

EPSS

0.01855

KEV

không

Các hoạt động

rất thấp

Nguồn

Do you want to use VulDB in your project?

Use the official API to access entries easily!