Lucene search

[email protected]CVE-2022-37777

HistorySep 08, 2022 - 12:15 a.m.

CVE-2022-37777

2022-09-0800:15:10

[email protected]

web.nvd.nist.gov

phicomm

routers

vulnerability

rce

trhops parameter

tracert function

cve-2022-37777

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

71.3%

JSON

Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function.

Affected configurations

NVD

Node

phicommfir151b_firmwareRange≤3.0.1.17

AND

phicommfir151bMatcha2

Node

phicommfir302e_firmwareRange≤3.0.1.17

AND

phicommfir302eMatcha2

Node

phicommfir300b_firmwareRange≤3.0.1.17

AND

phicommfir300bMatcha2

Node

phicommfir303b_firmwareRange≤3.0.1.17

AND

phicommfir303bMatcha2

CPENameOperatorVersion
phicomm:fir151b_firmwarephicomm fir151b firmwarele3.0.1.17

CPE	Name	Operator	Version
phicomm:fir151b_firmware	phicomm fir151b firmware	le	3.0.1.17

References

github.com/SLoSnow9879/Phicomm_Router/blob/main/Tracert_2.md

7.2 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

0.003 Low

EPSS

Percentile

71.3%

JSON

Related for CVE-2022-37777

prion1 cvelist1 nvd1