Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-43971
HistoryJan 09, 2023 - 9:15 p.m.

Code injection

2023-01-0921:15:00
PRIOn knowledge base
www.prio-n.com
3
linksys
wumc710
code injection
vulnerability
firmware
command execution
linux
root access
nvd

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

JSON

An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). The do_setNTP function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious GET or POST request to /setNTP.cgi to execute arbitrary commands on the underlying Linux operating system as root.

Related

nvd 1
cve 1
cvelist 1
nvd
nvd
CVE-2022-43971
2023-01-09 21:15:10
cve
cve
CVE-2022-43971
2023-01-09 21:15:10
cvelist
cvelist
CVE-2022-43971 Arbitrary code execution in Linksys WUMC710
2023-01-09 00:00:00

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

58.8%

JSON
Related for PRION:CVE-2022-43971
nvd1cve1cvelist1