Lucene search
+L

6 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:48 a.m.15 views

CVE-2022-31793

dorequest in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and...

7.5CVSS7.2AI score0.12001EPSS
Exploits2References1
Circl
Circl
added 2025/04/20 12:0 a.m.14 views

CVE-2022-31793

creationtimestamp| type| source ---|---|--- 2025-04-20 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2025-04-20 2026-06-23 14:06:15+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/05c68957-3684-432f-b134-714c8bc8030f 2026-06-30...

7.5CVSS7.2AI score0.12001EPSS
Exploits2References2
GithubExploit
GithubExploit
added 2022/08/19 1:42 a.m.461 views

Exploit for Path Traversal in Inglorion Muhttpd

CVE-2022-31793 -u specified IP address -l s...

7.5CVSS7.2AI score0.12001EPSS
Exploits2
CVE
CVE
added 2022/08/04 9:55 p.m.109 views

CVE-2022-31793

CVE-2022-31793 affects muhttpd versions prior to 1.1.7 used in Arris NVG443/NVG599/NVG589/NVG510 and BGW210/BGW320 devices. Root cause: do_request in request.c skips the first character when serving files, enabling path traversal and reading arbitrary files on the device. Impact: unauthenticated ...

7.5CVSS7.5AI score0.12001EPSS
In wildExploits2References5Affected Software1
Malwarebytes
Malwarebytes
added 2022/08/01 5:31 p.m.183 views

Millions of Arris routers are vulnerable to path traversal attacks

Security researcher Derek Abdine has published an advisory about vulnerabilities that exist in the MIT-licensed muhttpd web server. This web server is present in Arris firmware which can be found in several router models. muhttpd web server muhttpd mu HTTP deamon is a simple but complete web serv...

7.5CVSS9.7AI score0.12001EPSS
Exploits3
Malwarebytes
Malwarebytes
added 2022/08/01 5:0 p.m.86 views

Millions of Arris routers are vulnerable to path traversal attacks

Security researcher Derek Abdine has published an advisory about vulnerabilities that exist in the MIT-licensed muhttpd web server. This web server is present in Arris firmware which can be found in several router models. muhttpd web server muhttpd mu HTTP deamon is a simple but complete web serv...

7.5CVSS9.7AI score0.12001EPSS
Exploits3
Rows per page
Query Builder