Lucene search

[email protected]NVD:CVE-2022-26987

HistoryMay 10, 2022 - 3:15 p.m.

CVE-2022-26987

2022-05-1015:15:07

CWE-787

[email protected]

web.nvd.nist.gov

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

56.3%

JSON

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in MmtAtePrase function. Local users could get remote code execution.

Affected configurations

NVD

Node

tp-linktl-wdr7660Match-

AND

tp-linktl-wdr7660_firmwareMatch2.0.30

Node

tp-linktl-wdr7661Match-

AND

tp-linktl-wdr7661_firmwareMatch-

Node

tp-linktl-wdr7620Match-

AND

tp-linktl-wdr7620_firmwareMatch-

Node

tp-linktl-wdr5660Match-

AND

tp-linktl-wdr5660_firmwareMatch-

Node

mercusysmercury_d196gMatch-

AND

mercusysmercury_d196g_firmwareMatch20200109_2.0.4

Node

fastcomfac1900rMatch-

AND

fastcomfac1900r_firmwareMatch20190827_2.0.2

References

tp-link.com

drive.google.com/file/d/1SnNoqRlJiBD673UROLwdgg_roMOneVR9/view?usp=sharing

github.com/GANGE666

7.2 High

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

56.3%

JSON

Related for NVD:CVE-2022-26987

cve1 prion1 cvelist1