Lucene search
K

6 matches found

The Hacker News
The Hacker News
added 2023/01/18 10:20 a.m.60 views

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be weaponized to achieve remote code execution. The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass and impact Netcomm router...

2.4AI score0.11009EPSS
Exploits2
Circl
Circl
added 2023/01/12 12:30 a.m.6 views

CVE-2022-4874

creationtimestamp| type| source ---|---|--- 2023-01-12 00:30:34+00:00| seen| https://t.me/cibsecurity/56380 2023-01-18 16:47:18+00:00| published-proof-of-concept| https://t.me/ctinow/87639 2023-01-19 13:10:07+00:00| published-proof-of-concept| https://t.me/truesecator/3959...

7.5CVSS7.7AI score0.11009EPSS
Exploits1References3
NVD
NVD
added 2023/01/11 9:15 p.m.38 views

CVE-2022-4874

Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL .css, .png etc. If it exists, it performs a "fake logi...

7.5CVSS7.7AI score0.11009EPSS
Exploits1References2
CVE
CVE
added 2023/01/11 8:39 p.m.203 views

CVE-2022-4874

CVE-2022-4874 affects Netcomm NF20MESH, NF20 and NL1902 router models. An authentication bypass exists where the app serves static content by checking the URL for specific characters (e.g., .css, .png) and performing a “fake login” to grant a active session, allowing unauthenticated access to con...

7.5CVSS7.8AI score0.11009EPSS
In wildExploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/11 8:39 p.m.14 views

CVE-2022-4874 Authenticated bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows unauthenticated user to get access to content.

Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL .css, .png etc. If it exists, it performs a "fake logi...

7.7AI score0.11009EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2023/01/11 12:0 a.m.46 views

CVE-2022-4874

Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL .css, .png etc. If it exists, it performs a “fake logi...

7.5CVSS7.8AI score0.11009EPSS
In wildExploits1References2
Rows per page
Query Builder