{"id": "CVE-2022-26376", "metrics": {"cvssMetricV30": [{"type": "Secondary", "source": "talos-cna@cisco.com", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.9}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-08-05T22:15:11.143", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511", "tags": ["Exploit", "Third Party Advisory"], "source": "talos-cna@cisco.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "talos-cna@cisco.com", "description": [{"lang": "en", "value": "CWE-787"}]}, {"type": "Secondary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-787"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de corrupci\u00f3n de memoria en la funcionalidad httpd unescape de Asuswrt versiones anteriores a 3.0.0.4.386_48706 y Asuswrt-Merlin New Gen versiones anteriores a 386.7. Una petici\u00f3n HTTP especialmente dise\u00f1ada puede conllevar a una corrupci\u00f3n de memoria. Un atacante puede enviar una petici\u00f3n de red para desencadenar esta vulnerabilidad"}], "lastModified": "2022-12-02T20:08:05.937", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:asuswrt:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F08F0BFE-E5AF-4991-A543-C879E7920B1A", "versionEndExcluding": "3.0.0.4.386_48706"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asuswrt-merlin:new_gen:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "56FA1FDB-6F85-429C-BF43-E60F1BF8BDB7", "versionEndExcluding": "386.7"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:xt8_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4B1A968A-7E66-43F0-9E98-0EE71E6E8291", "versionEndExcluding": "3.0.0.4.386_48706"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:xt8:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "37EEF2AE-074D-403B-B606-6C2CE88AD3B2"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:tuf-ax3000_v2_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E797BD3C-28F5-495C-87DE-B6F42F80270E", "versionEndExcluding": "3.0.0.4.386_48750"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:tuf-ax3000_v2:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "3D03C2C9-2EE8-47B9-9950-75C8A887C22C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:xd4_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2664F674-B251-4525-BCBE-74841A2FC8A5", "versionEndExcluding": "3.0.0.4.386_48790"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:xd4:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "ABBBB0A6-CDA7-47E1-B154-B7D6DE70D973"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:et12_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7CA3A839-66DD-48A9-B14A-DA328EC5A96B", "versionEndExcluding": "3.0.0.4.386_48823"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:et12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "02E71310-9771-4D30-A202-1ADF5533960A"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-ax6000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C628CA52-9224-4793-968B-5E452A09DA69", "versionEndExcluding": "3.0.0.4.386_48823"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-ax6000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B3B5FD80-66EC-42B3-AD9E-73C8BEDFB71E"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:xt12_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E78AD82E-F3A4-4A95-8AED-93A29AD945D6", "versionEndExcluding": "3.0.0.4.386_48823"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:xt12:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "C67E3C2D-1090-4C72-AAE8-89AE8E997533"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8621573-D08C-4F11-9C6E-335EF7B84C60", "versionEndExcluding": "3.0.0.4.386_48908"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:xt9_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4C9248D5-5BD4-41F5-8F97-0D57DFB083DC", "versionEndExcluding": "3.0.0.4.388_20027"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:xt9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "74B737E9-4218-435F-A6B1-980B2090BA8C"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:xd6_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "071652E7-585F-4071-A48E-2A94AEF1E1D4", "versionEndExcluding": "3.0.0.4.386_49356"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:xd6:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "727481D1-6673-4671-B970-87C6A22706CC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-ax11000_pro_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6013420E-9504-456C-A4FD-8C62D1948AB0", "versionEndExcluding": "3.0.0.4.386_48996"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-ax11000_pro:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "140087CE-0EBB-469D-956E-5BECA5AB5CBE"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-axe16000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4336BA99-3693-4CF5-B301-C06EFC75B3B6", "versionEndExcluding": "3.0.0.4.386_48786"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-axe16000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "576BB6E0-D4E3-40EB-8212-B78946FB5082"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "BED51697-4045-4551-9BDB-C8795ABB5A6E", "versionEndExcluding": "3.0.0.4.386_49447"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AB28700C-02EB-46D0-9BAD-833CE4790264"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E702F9E7-BB84-4B3C-8EFE-D6AE16D44C63", "versionEndExcluding": "3.0.0.4.386_49479"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DAA6BB79-7908-494E-AF2A-D5A05B9D73BF", "versionEndExcluding": "3.0.0.4.386_49380"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8D118305-CAFD-425F-8352-3B241D2E7702"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "96356DF5-2C7A-47E8-AA6B-BE9DB1A7CF03", "versionEndExcluding": "3.0.0.4.386_49559"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "4D747097-702E-4046-9723-01A586336534"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "40C64C0C-0D63-4262-9D31-EC560A084548", "versionEndExcluding": "3.0.0.4.386_49559"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-ax11000_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5F1F38CC-78E1-43C7-B855-C79294061B3F", "versionEndExcluding": "3.0.0.4.386_49559"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "talos-cna@cisco.com"}