Lucene search
PRIOn knowledge basePRION:CVE-2022-26992HistoryMar 15, 2022 - 10:15 p.m.
Command injection
2022-03-1522:15:00
PRIOn knowledge base
www.prio-n.com
4
0.002 Low
EPSS
Percentile
59.1%
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
| CPE | Name | Operator | Version |
|---|---|---|---|
| sbr-ac1200p_firmware | eq | 1.0.5-b05 | |
| sbr-ac1900p_firmware | eq | 1.0.7-b05 | |
| sbr-ac3200p_firmware | eq | 1.0.7-b05 |
Related
nvd
nvd
CVE-2022-26992
2022-03-15 22:15:14
cve
cve
CVE-2022-26992
2022-03-15 22:15:14
cnvd
cnvd
Multiple ARRIS product command injection vulnerabilities
2022-03-17 00:00:00
cvelist
cvelist
CVE-2022-26992
2022-03-15 21:56:26
malwarebytes
malwarebytes
Millions of Arris routers are vulnerable to path traversal attacks
2022-08-01 17:31:40
Millions of Arris routers are vulnerable to path traversal attacks
2022-08-01 17:00:00
checkpoint_advisories
checkpoint_advisories