Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-43970

A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi.

Published

2023-01-09T21:15:10.750

Last Modified

2024-11-21T07:27:27.067

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.2 (HIGH)

Weaknesses

Type: Secondary
CWE-120
Type: Primary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	linksys	wrt54gl_firmware	≤ 4.30.18.006	Yes
Hardware	linksys	wrt54gl	-	No

References

https://youtu.be/73-1lhvJPNg Exploit, Third Party Advisory ([email protected])
https://youtu.be/RfWVYCUBNZ0 Exploit, Third Party Advisory ([email protected])
https://youtu.be/TeWAmZaKQ_w Exploit, Third Party Advisory ([email protected])
https://youtu.be/73-1lhvJPNg Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://youtu.be/RfWVYCUBNZ0 Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://youtu.be/TeWAmZaKQ_w Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)