CVE-2022-43971

{"id": "CVE-2022-43971", "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2023-01-09T21:15:10.840", "references": [{"url": "https://youtu.be/73-1lhvJPNg", "tags": ["Exploit", "Third Party Advisory"], "source": "trellixpsirt@trellix.com"}, {"url": "https://youtu.be/RfWVYCUBNZ0", "tags": ["Exploit", "Third Party Advisory"], "source": "trellixpsirt@trellix.com"}, {"url": "https://youtu.be/TeWAmZaKQ_w", "tags": ["Exploit", "Third Party Advisory"], "source": "trellixpsirt@trellix.com"}, {"url": "https://youtu.be/73-1lhvJPNg", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://youtu.be/RfWVYCUBNZ0", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://youtu.be/TeWAmZaKQ_w", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Secondary", "source": "trellixpsirt@trellix.com", "description": [{"lang": "en", "value": "CWE-78"}]}, {"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). The do_setNTP function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious GET or POST request to /setNTP.cgi to execute arbitrary commands on the underlying Linux operating system as root."}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo arbitrario en Linksys WUMC710 Wireless-AC Universal Media Connector con firmware &lt;= 1.0.02 (build3). La funci\u00f3n do_setNTP dentro del binario httpd utiliza entradas de usuario no validadas en la construcci\u00f3n de un comando del sistema. Un atacante autenticado con privilegios de administrador puede aprovechar esta vulnerabilidad en la red mediante una solicitud GET o POST maliciosa a /setNTP.cgi para ejecutar comandos arbitrarios en el sistema operativo Linux subyacente como root."}], "lastModified": "2024-11-21T07:27:27.293", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linksys:wumc710_firmware:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "99B71288-1A4B-4B47-8C4B-0FC7F7506BEC", "versionEndExcluding": "1.0.02"}, {"criteria": "cpe:2.3:o:linksys:wumc710_firmware:1.0.02:-:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B38F142-6863-44F8-91A9-9321F8D93A8B"}, {"criteria": "cpe:2.3:o:linksys:wumc710_firmware:1.0.02:build3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "70D933E4-6AD8-4291-8006-29CE2F2D8184"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:linksys:wumc710:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6E5B1752-FA07-483E-AA80-F6D95FAC29D5"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "trellixpsirt@trellix.com"}