Lucene search

[email protected]NVD:CVE-2022-30114

HistoryMay 19, 2023 - 12:15 p.m.

CVE-2022-30114

2023-05-1912:15:09

CWE-787

[email protected]

web.nvd.nist.gov

network service

fastweb fastgate

buffer overflow

firmware

remote attacker

reboot

http request

dos

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

40.9%

JSON

A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS.

Affected configurations

NVD

Node

fastwebfastgate_vdsl2_dga4131fwb_firmwareRange<18.3.n.0482_fw_264_dga4131

AND

fastwebfastgate_vdsl2_dga4131fwbMatch-

Node

fastwebfastgate_gpon_fga2130fwb_firmwareRange<18.3.n.0482_fw_233_fga2130

AND

fastwebfastgate_gpon_fga2130fwbMatch-

References

str0ng4le.github.io/jekyll/update/2023/05/12/fastgate-bof-cve-2022-30114/

www.fastweb.it/myfastweb/assistenza/guide/FASTGate/

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

40.9%

JSON

Related for NVD:CVE-2022-30114

prion1 cve1 cvelist1 githubexploit1