Lucene search

[email protected]CVE-2022-46422

HistoryDec 20, 2022 - 8:15 p.m.

CVE-2022-46422

2022-12-2020:15:10

[email protected]

web.nvd.nist.gov

netgear

wnr2000

cve-2022-46422

dos

firmware

security issue

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.7%

JSON

An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.

Affected configurations

NVD

Node

netgearwnr2000_firmwareRange≤1.2.3.7

AND

netgearwnr2000Match1.0

CPENameOperatorVersion
netgear:wnr2000_firmwarenetgear wnr2000 firmwarele1.2.3.7

CPE	Name	Operator	Version
netgear:wnr2000_firmware	netgear wnr2000 firmware	le	1.2.3.7

References

hackmd.io/%40slASVrz_SrW7NQCsunofeA/B1bFKBWwi

www.netgear.com/about/security/

4.8 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H

5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

31.7%

JSON

Related for CVE-2022-46422

cvelist1 prion1 nvd1