7.5

CVE-2022-31793

Exploit

do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected.

Data is provided by the National Vulnerability Database (NVD)
InglorionMuhttpd Version < 1.1.7
ArrisNvg443 Firmware Version-
   ArrisNvg443 Version-
ArrisNvg599 Firmware Version-
   ArrisNvg599 Version-
ArrisNvg589 Firmware Version-
   ArrisNvg589 Version-
ArrisNvg510 Firmware Version-
   ArrisNvg510 Version-
ArrisBgw210 Firmware Version-
   ArrisBgw210 Version-
ArrisBgw320 Firmware Version-
   ArrisBgw320 Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 93.82% 0.999
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

https://kb.cert.org/vuls/id/495801
Third Party Advisory
US Government Resource