exploitDog

CVE-2022-38841

Опубликовано: 16 апр. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.

Ссылки

http://packetstormsecurity.com/files/171433/Linksys-AX3200-1.1.00-Command-Injection.html
Exploit
Third Party Advisory
VDB Entry
https://drive.google.com/drive/folders/1rAa4zzJPwMop0AEMiI2NKqUaZno7Ccqb?usp=sharing
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/171433/Linksys-AX3200-1.1.00-Command-Injection.html
Exploit
Third Party Advisory
VDB Entry
https://drive.google.com/drive/folders/1rAa4zzJPwMop0AEMiI2NKqUaZno7Ccqb?usp=sharing
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:linksys:e8450_firmware:1.1.00:*:*:*:*:*:*:*

cpe:2.3:h:linksys:e8450:-:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02403

Низкий

8.8 High

CVSS3

Дефекты

CWE-78

CWE-78

Связанные уязвимости

GHSA-rjm4-59w8-7r6f

CVSS3: 8.8

github

почти 3 года назад

Linksys AX3200 1.1.00 is vulnerable to OS command injection by authenticated users via shell metacharacters to the diagnostics traceroute page.

EPSS

Процентиль: 85%

0.02403

Низкий

8.8 High

CVSS3

Дефекты

CWE-78

CWE-78