CVE-2022-46422

CWE-3457 documents5 sources
Severity
4.8MEDIUM
EPSS
0.1%
top 69.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Netgear Wnr2000 Firmware
Timeline
PublishedDec 20

Description

An issue in Netgear WNR2000 v1 1.2.3.7 and earlier allows authenticated attackers to cause a Denial of Service (DoS) via uploading a crafted firmware image during the firmware update process.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:HExploitability: 1.2 | Impact: 3.6

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
CVE-2022-46422: An issue in Netgear WNR2000 v1 12022-12-20
GHSA
GHSA-79hv-rqqf-c692: An issue in Netgear WNR2000 v1 12022-12-20

💥Exploits & PoCs

2
Exploit-DB
Telesquare SDT-CW3B1 1.1.0 - OS Command Injection2022-06-03
Exploit-DB
SDT-CW3B1 1.1.0 - OS Command Injection2022-05-17
CVE-2022-46422 (MEDIUM CVSS 4.8) | An issue in Netgear WNR2000 v1 1.2. | cvebase.io