7.5

CVE-2022-31793

Exploit
do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
InglorionMuhttpd Version < 1.1.7
ArrisNvg443 Firmware Version-
   ArrisNvg443 Version-
ArrisNvg599 Firmware Version-
   ArrisNvg599 Version-
ArrisNvg589 Firmware Version-
   ArrisNvg589 Version-
ArrisNvg510 Firmware Version-
   ArrisNvg510 Version-
ArrisBgw210 Firmware Version-
   ArrisBgw210 Version-
ArrisBgw320 Firmware Version-
   ArrisBgw320 Version-
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 12% 0.956
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

http://inglorion.net/software/muhttpd/
Third Party Advisory
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/
Third Party Advisory
https://derekabdine.com/blog/2022-arris-advisory
Third Party Advisory
Exploit
https://kb.cert.org/vuls/id/495801
Third Party Advisory
US Government Resource
https://www.kb.cert.org/vuls/id/495801