Lucene search

[email protected]NVD:CVE-2022-47040

HistoryJan 26, 2023 - 9:18 p.m.

CVE-2022-47040

2023-01-2621:18:02

[email protected]

web.nvd.nist.gov

askey router

privilege escalation

crafted files

port 80

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

18.5%

JSON

An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows attackers to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80.

Affected configurations

Nvd

Node

askeyrtf3505vw-n1Match-

AND

askeyrtf3505vw-n1_firmwareMatchbr_sv_g000_r3505vmn1001_s32_7

VendorProductVersionCPE
askeyrtf3505vw-n1-cpe:2.3:h:askey:rtf3505vw-n1:-:*:*:*:*:*:*:*
askeyrtf3505vw-n1_firmwarebr_sv_g000_r3505vmn1001_s32_7cpe:2.3:o:askey:rtf3505vw-n1_firmware:br_sv_g000_r3505vmn1001_s32_7:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
askey	rtf3505vw-n1	-	cpe:2.3:h:askey:rtf3505vw-n1:-:::::::*
askey	rtf3505vw-n1_firmware	br_sv_g000_r3505vmn1001_s32_7	cpe:2.3:o:askey:rtf3505vw-n1_firmware:br_sv_g000_r3505vmn1001_s32_7:::::::*

References

github.com/leoservalli/Privilege-escalation-ASKEY

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

18.5%

JSON

Related for NVD:CVE-2022-47040

prion1 cve1 cvelist1