Vulnerability Description
An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). The do_setNTP function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious GET or POST request to /setNTP.cgi to execute arbitrary commands on the underlying Linux operating system as root.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linksys | Wumc710 Firmware | < 1.0.02 |
| Linksys | Wumc710 | - |
Related Weaknesses (CWE)
References
- https://youtu.be/73-1lhvJPNgExploitThird Party Advisory
- https://youtu.be/RfWVYCUBNZ0ExploitThird Party Advisory
- https://youtu.be/TeWAmZaKQ_wExploitThird Party Advisory
- https://youtu.be/73-1lhvJPNgExploitThird Party Advisory
- https://youtu.be/RfWVYCUBNZ0ExploitThird Party Advisory
- https://youtu.be/TeWAmZaKQ_wExploitThird Party Advisory
FAQ
What is CVE-2022-43971?
CVE-2022-43971 is a vulnerability with a CVSS score of 7.2 (HIGH). An arbitrary code exection vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media Connector with firmware <= 1.0.02 (build3). The do_setNTP function within the httpd binary uses unvalidat...
How severe is CVE-2022-43971?
CVE-2022-43971 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-43971?
Check the references section above for vendor advisories and patch information. Affected products include: Linksys Wumc710 Firmware, Linksys Wumc710.