CVE-2022-4873

creationtimestamp| type| source ---|---|--- 2023-01-18 16:47:18+00:00| published-proof-of-concept| https://t.me/ctinow/87639 2023-01-19 13:10:07+00:00| published-proof-of-concept| https://t.me/truesecator/3959...

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be weaponized to achieve remote code execution. The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass and impact Netcomm router...

CVE-2022-4873

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location...

CVE-2022-4873 Stack based overflow on Netcomm router models NF20MESH, NF20, and NL1902

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location...

CVE-2022-4873

CVE-2022-4873 is a stack-based buffer overflow in the Netcomm NF20MESH, NF20, and NL1902 sessionKey handling that can overwrite the instruction pointer and crash the app. Related CVE-2022-4874 is an authentication bypass; together these flaws enable remote code execution when exploited in affecte...

CVE-2022-4873 Stack based overflow on Netcomm router models NF20MESH, NF20, and NL1902

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location...

CVE-2022-4873

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location. Recent assessments: Assessed...

AlmaLinux 9 : firefox (ALSA-2022:4873)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2022:4873 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...

RHEL 9 : firefox (RHSA-2022:4873)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4873 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

Oracle Linux 9 : firefox (ELSA-2022-4873)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2022-4873 advisory. 91.10.0-1.0.1 - Replaced upstream package with oracle-indexhtml Orabug: 33802044 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...