CVE-2022-1669

{"id": "CVE-2022-1669", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "ics-cert@hq.dhs.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 5.2, "exploitabilityScore": 1.6}]}, "published": "2022-05-24T18:15:08.353", "references": [{"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-137-01", "tags": ["Third Party Advisory", "US Government Resource"], "source": "ics-cert@hq.dhs.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "ics-cert@hq.dhs.gov", "description": [{"lang": "en", "value": "CWE-121"}]}], "descriptions": [{"lang": "en", "value": "A buffer overflow vulnerability has been detected in the firewall function of the device management web portal. The device runs a CGI binary (index.cgi) to offer a management web application. Once authenticated with valid credentials in this web portal, a potential attacker could submit any \"Address\" value and it would be copied to a second variable with a \"strcpy\" vulnerable function without checking its length. Because of this, it is possible to send a long address value to overflow the process stack, controlling the function return address."}, {"lang": "es", "value": "Se ha detectado una vulnerabilidad de desbordamiento de b\u00fafer en la funci\u00f3n de firewall del portal web de administraci\u00f3n del dispositivo. El dispositivo ejecuta un binario CGI (index.cgi) para ofrecer una aplicaci\u00f3n web de administraci\u00f3n. Una vez autenticado con credenciales v\u00e1lidas en este portal web, un potencial atacante podr\u00eda enviar cualquier valor \"Address\" y \u00e9ste ser\u00eda copiado a una segunda variable con una funci\u00f3n vulnerable \"strcpy\" sin comprobar su longitud. Debido a esto, es posible enviar un valor de direcci\u00f3n largo para desbordar la pila del proceso, controlando la direcci\u00f3n de retorno de la funci\u00f3n"}], "lastModified": "2022-06-10T20:50:34.037", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:circutor:compact_dc-s_basic_firmware:1.2.17:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EF4F1A36-3E03-4F15-BB01-2F6B759FD683"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:circutor:compact_dc-s_basic:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "F13E8571-BE1E-4041-81F8-0F59713927DE"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "ics-cert@hq.dhs.gov"}