CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 2CVE-2022-45028
https://notcve.org/view.php?id=CVE-2022-45028
A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha. Una vulnerabilidad de Cross-Site Scripting (XSS) en Arris NVG443B 9.3.0h3d36 permite a los atacantes ejecutar scripts web o HTML arbitrario a través de una solicitud POST manipulada enviada a /cgi-bin/logs.ha. • https://drive.google.com/file/d/1AHqvciVNMQpUoomFgtctnByewkkr24kB/view https://seanpesce.blogspot.com/2022/11/unauthenticated-stored-xss-in-arris.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 30%CPEs: 13EXPL: 2CVE-2022-31793
https://notcve.org/view.php?id=CVE-2022-31793
do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected. La función do_request en el archivo request.c en muhttpd versiones anteriores a 1.1.7, permite a atacantes remotos leer archivos arbitrarios al construir una URL con un solo carácter antes de una ruta deseada en el sistema de archivos. Esto ocurre porque el código salta el primer carácter cuando sirve archivos. • https://github.com/xpgdgit/CVE-2022-31793 http://inglorion.net/software/muhttpd https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks https://derekabdine.com/blog/2022-arris-advisory https://kb.cert.org/vuls/id/495801 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-26993
https://notcve.org/view.php?id=CVE-2022-26993
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pppoe function via the pppoeUserName, pppoePassword, and pppoe_Service parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. Se ha detectado que los routers Arris SBR-AC1900P versiones 1.0.7-B05, SBR-AC3200P versiones 1.0.7-B05 y SBR-AC1200P versiones 1.0.5-B05, contienen una vulnerabilidad de inyección de comandos en la función pppoe por medio de los parámetros pppoeUserName, pppoePassword y pppoe_Service. Esta vulnerabilidad permite a atacantes ejecutar comandos arbitrarios por medio de una petición diseñada • https://github.com/wudipjq/my_vuln/blob/main/ARRIS/vuln_4/4.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-26994
https://notcve.org/view.php?id=CVE-2022-26994
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the pptp function via the pptpUserName and pptpPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. Se ha detectado que los routers Arris SBR-AC1900P versiones 1.0.7-B05, SBR-AC3200P versiones 1.0.7-B05 y SBR-AC1200P versiones 1.0.5-B05, contienen una vulnerabilidad de inyección de comandos en la función pptp por medio de los parámetros pptpUserName y pptpPassword. Esta vulnerabilidad permite a atacantes ejecutar comandos arbitrarios por medio de una petición diseñada • https://github.com/wudipjq/my_vuln/blob/main/ARRIS/vuln_5/5.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 6EXPL: 1CVE-2022-26992
https://notcve.org/view.php?id=CVE-2022-26992
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were discovered to contain a command injection vulnerability in the ddns function via the DdnsUserName, DdnsHostName, and DdnsPassword parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request. Se ha detectado que los routers Arris SBR-AC1900P versiones 1.0.7-B05, SBR-AC3200P versiones 1.0.7-B05 y SBR-AC1200P versiones 1.0.5-B05, contienen una vulnerabilidad de inyección de comandos en la función ddns por medio de los parámetros DdnsUserName, DdnsHostName y DdnsPassword. Esta vulnerabilidad permite a atacantes ejecutar comandos arbitrarios por medio de una petición diseñada • https://github.com/wudipjq/my_vuln/blob/main/ARRIS/vuln_3/3.md • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •