Lucene search
MitreCVELIST:CVE-2022-44149HistoryJan 06, 2023 - 12:00 a.m.
CVE-2022-44149
2023-01-0600:00:00
mitre
www.cve.org
2
web service
vulnerability
remote command execution
authentication
nexxt amp300
os command
json
ping feature
goform/systools
authentication required
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required
References
packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095-Remote-Code-Execution.html
packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-80.103.2.5045-Remote-Code-Execution.html
cxsecurity.com/issue/WLB-2023010006
packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095-Remote-Code-Execution.html
www.nexxtsolutions.com/connectivity/search/?q=ARN02304U8
Related
prion
prion
Authentication flaw
2023-01-06 17:15:00
zdt
zdt
Nexxt Router Firmware 42.103.1.5095 Remote Code Execution Exploit
2023-01-04 00:00:00
exploitdb
exploitdb
packetstorm
packetstorm
Nexxt Router Firmware 42.103.1.5095 Remote Code Execution
2023-01-04 00:00:00
nvd
nvd
CVE-2022-44149
2023-01-06 17:15:09
cve
cve
CVE-2022-44149
2023-01-06 17:15:09