Lucene search

[email protected]NVD:CVE-2022-45701

HistoryFeb 17, 2023 - 3:15 p.m.

CVE-2022-45701

2023-02-1715:15:12

[email protected]

web.nvd.nist.gov

vulnerability

arris

tg2482a

firmware

remote code execution

ping utility

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON

Arris TG2482A firmware through 9.1.103GEM9 allow Remote Code Execution (RCE) via the ping utility feature.

Affected configurations

NVD

Node

commscopearris_tg2482aMatch-

AND

commscopearris_tg2482a_firmwareRange≤9.1.103

Node

commscopearris_tg2492Match-

AND

commscopearris_tg2492_firmwareRange≤9.1.103

Node

commscopearris_sbg10Match-

AND

commscopearris_sbg10_firmwareRange≤9.1.103

References

arris.com

packetstormsecurity.com/files/171001/Arris-Router-Firmware-9.1.103-Remote-Code-Execution.htmlhttps://github.com/yerodin/CVE-2022-45701

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9 High

AI Score

Confidence

High

0.027 Low

EPSS

Percentile

90.5%

JSON

Related for NVD:CVE-2022-45701

cve1 prion1 malwarebytes1 zdt2 cvelist1 packetstorm1 exploitdb1