Search

Find a vulnerability

Search criteria

    6 vulnerabilities found for WRT54GL Wireless-G Broadband Router by Linksys

    CVE-2022-43973 (GCVE-0-2022-43973)

    Vulnerability from nvd – Published: 2023-01-09 00:00 – Updated: 2025-04-09 14:20
    VLAI
    Title
    Arbitrary code execution in Linksys WRT54GL
    Summary
    An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Linksys WRT54GL Wireless-G Broadband Router Affected: Firmware , ≤ 4.30.18.006 (custom)
    Create a notification for this product.
    Credits
    Jessie Chick of Trellix ARC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:47:04.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/73-1lhvJPNg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/TeWAmZaKQ_w"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/RfWVYCUBNZ0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:19:02.848808Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:20:48.368Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRT54GL Wireless-G Broadband Router",
              "vendor": "Linksys",
              "versions": [
                {
                  "lessThanOrEqual": "4.30.18.006",
                  "status": "affected",
                  "version": "Firmware",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jessie Chick of Trellix ARC"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware \u003c= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-09T00:00:00.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "url": "https://youtu.be/73-1lhvJPNg"
            },
            {
              "url": "https://youtu.be/TeWAmZaKQ_w"
            },
            {
              "url": "https://youtu.be/RfWVYCUBNZ0"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Arbitrary code execution in Linksys WRT54GL",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2022-43973",
        "datePublished": "2023-01-09T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-04-09T14:20:48.368Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-43972 (GCVE-0-2022-43972)

    Vulnerability from nvd – Published: 2023-01-09 00:00 – Updated: 2025-04-09 14:22
    VLAI
    Title
    Null pointer dereference in Linksys WRT54GL
    Summary
    A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Linksys WRT54GL Wireless-G Broadband Router Affected: Firmware , ≤ 4.30.18.006 (custom)
    Create a notification for this product.
    Credits
    Jessie Chick of Trellix ARC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:47:05.079Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/73-1lhvJPNg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/TeWAmZaKQ_w"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/RfWVYCUBNZ0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43972",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:21:57.291460Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:22:24.605Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRT54GL Wireless-G Broadband Router",
              "vendor": "Linksys",
              "versions": [
                {
                  "lessThanOrEqual": "4.30.18.006",
                  "status": "affected",
                  "version": "Firmware",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jessie Chick of Trellix ARC"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware \u003c= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-09T00:00:00.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "url": "https://youtu.be/73-1lhvJPNg"
            },
            {
              "url": "https://youtu.be/TeWAmZaKQ_w"
            },
            {
              "url": "https://youtu.be/RfWVYCUBNZ0"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Null pointer dereference in Linksys WRT54GL",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2022-43972",
        "datePublished": "2023-01-09T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-04-09T14:22:24.605Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-43970 (GCVE-0-2022-43970)

    Vulnerability from nvd – Published: 2023-01-09 00:00 – Updated: 2025-04-09 14:26
    VLAI
    Title
    Buffer overflow in Linksys WRT54GL
    Summary
    A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Linksys WRT54GL Wireless-G Broadband Router Affected: Firmware , ≤ 4.30.18.006 (custom)
    Create a notification for this product.
    Credits
    Jessie Chick of Trellix ARC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:47:05.265Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/73-1lhvJPNg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/TeWAmZaKQ_w"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/RfWVYCUBNZ0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43970",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:25:37.571154Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:26:11.008Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRT54GL Wireless-G Broadband Router",
              "vendor": "Linksys",
              "versions": [
                {
                  "lessThanOrEqual": "4.30.18.006",
                  "status": "affected",
                  "version": "Firmware",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jessie Chick of Trellix ARC"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware \u003c= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-09T00:00:00.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "url": "https://youtu.be/73-1lhvJPNg"
            },
            {
              "url": "https://youtu.be/TeWAmZaKQ_w"
            },
            {
              "url": "https://youtu.be/RfWVYCUBNZ0"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Buffer overflow in Linksys WRT54GL",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2022-43970",
        "datePublished": "2023-01-09T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-04-09T14:26:11.008Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-43973 (GCVE-0-2022-43973)

    Vulnerability from cvelistv5 – Published: 2023-01-09 00:00 – Updated: 2025-04-09 14:20
    VLAI
    Title
    Arbitrary code execution in Linksys WRT54GL
    Summary
    An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    Assigner
    Impacted products
    Vendor Product Version
    Linksys WRT54GL Wireless-G Broadband Router Affected: Firmware , ≤ 4.30.18.006 (custom)
    Create a notification for this product.
    Credits
    Jessie Chick of Trellix ARC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:47:04.537Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/73-1lhvJPNg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/TeWAmZaKQ_w"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/RfWVYCUBNZ0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43973",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:19:02.848808Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:20:48.368Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRT54GL Wireless-G Broadband Router",
              "vendor": "Linksys",
              "versions": [
                {
                  "lessThanOrEqual": "4.30.18.006",
                  "status": "affected",
                  "version": "Firmware",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jessie Chick of Trellix ARC"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "An arbitrary code execution vulnerability exisits in Linksys WRT54GL Wireless-G Broadband Router with firmware \u003c= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-09T00:00:00.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "url": "https://youtu.be/73-1lhvJPNg"
            },
            {
              "url": "https://youtu.be/TeWAmZaKQ_w"
            },
            {
              "url": "https://youtu.be/RfWVYCUBNZ0"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Arbitrary code execution in Linksys WRT54GL",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2022-43973",
        "datePublished": "2023-01-09T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-04-09T14:20:48.368Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-43972 (GCVE-0-2022-43972)

    Vulnerability from cvelistv5 – Published: 2023-01-09 00:00 – Updated: 2025-04-09 14:22
    VLAI
    Title
    Null pointer dereference in Linksys WRT54GL
    Summary
    A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-476 - NULL Pointer Dereference
    Assigner
    Impacted products
    Vendor Product Version
    Linksys WRT54GL Wireless-G Broadband Router Affected: Firmware , ≤ 4.30.18.006 (custom)
    Create a notification for this product.
    Credits
    Jessie Chick of Trellix ARC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:47:05.079Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/73-1lhvJPNg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/TeWAmZaKQ_w"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/RfWVYCUBNZ0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43972",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:21:57.291460Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:22:24.605Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRT54GL Wireless-G Broadband Router",
              "vendor": "Linksys",
              "versions": [
                {
                  "lessThanOrEqual": "4.30.18.006",
                  "status": "affected",
                  "version": "Firmware",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jessie Chick of Trellix ARC"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware \u003c= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-476",
                  "description": "CWE-476: NULL Pointer Dereference",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-09T00:00:00.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "url": "https://youtu.be/73-1lhvJPNg"
            },
            {
              "url": "https://youtu.be/TeWAmZaKQ_w"
            },
            {
              "url": "https://youtu.be/RfWVYCUBNZ0"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Null pointer dereference in Linksys WRT54GL",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2022-43972",
        "datePublished": "2023-01-09T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-04-09T14:22:24.605Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-43970 (GCVE-0-2022-43970)

    Vulnerability from cvelistv5 – Published: 2023-01-09 00:00 – Updated: 2025-04-09 14:26
    VLAI
    Title
    Buffer overflow in Linksys WRT54GL
    Summary
    A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
    Assigner
    Impacted products
    Vendor Product Version
    Linksys WRT54GL Wireless-G Broadband Router Affected: Firmware , ≤ 4.30.18.006 (custom)
    Create a notification for this product.
    Credits
    Jessie Chick of Trellix ARC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T13:47:05.265Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/73-1lhvJPNg"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/TeWAmZaKQ_w"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://youtu.be/RfWVYCUBNZ0"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-43970",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-09T14:25:37.571154Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-09T14:26:11.008Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WRT54GL Wireless-G Broadband Router",
              "vendor": "Linksys",
              "versions": [
                {
                  "lessThanOrEqual": "4.30.18.006",
                  "status": "affected",
                  "version": "Firmware",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Jessie Chick of Trellix ARC"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware \u003c= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-120",
                  "description": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-01-09T00:00:00.000Z",
            "orgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
            "shortName": "trellix"
          },
          "references": [
            {
              "url": "https://youtu.be/73-1lhvJPNg"
            },
            {
              "url": "https://youtu.be/TeWAmZaKQ_w"
            },
            {
              "url": "https://youtu.be/RfWVYCUBNZ0"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Buffer overflow in Linksys WRT54GL",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "01626437-bf8f-4d1c-912a-893b5eb04808",
        "assignerShortName": "trellix",
        "cveId": "CVE-2022-43970",
        "datePublished": "2023-01-09T00:00:00.000Z",
        "dateReserved": "2022-10-28T00:00:00.000Z",
        "dateUpdated": "2025-04-09T14:26:11.008Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }