Byte Open Security

(ByteOS Network)

CVE Vulnerability Details: CVE-2022-43970
PUBLISHED
Assigner: trellix
Assigner Org ID: 01626437-bf8f-4d1c-912a-893b5eb04808
Published At: 09 Jan, 2023 | 00:00
Updated At: 09 Apr, 2025 | 14:26
CVE Numbering Authority (CNA)
Buffer overflow in Linksys WRT54GL

A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerability can be triggered over the network via a malicious POST request to /apply.cgi.

Affected Products
Vendor: Linksys Holdings, Inc. (Linksys)
Product: WRT54GL Wireless-G Broadband Router
Versions
Affected
  • From Firmware through 4.30.18.006 (custom)
Problem Types
Type: CWE
CWE ID: CWE-120
Description: CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
Version: 3.1
Base score: 7.2
Base severity: HIGH
Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Credits

Jessie Chick of Trellix ARC
References
Hyperlink: https://youtu.be/73-1lhvJPNg
Resource: N/A
Hyperlink: https://youtu.be/TeWAmZaKQ_w
Resource: N/A
Hyperlink: https://youtu.be/RfWVYCUBNZ0
Resource: N/A
Authorized Data Publishers (ADP)
1. CVE Program Container
References
Hyperlink: https://youtu.be/73-1lhvJPNg
Resource: x_transferred
Hyperlink: https://youtu.be/TeWAmZaKQ_w
Resource: x_transferred
Hyperlink: https://youtu.be/RfWVYCUBNZ0
Resource: x_transferred
2. CISA ADP Vulnrichment
Details not found