CVE-2022-37777

Published: Sep 8, 2022Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function.

Affected (4)

Products: Phicomm: Fir151b Firmware, Fir302e Firmware, Fir300b Firmware, Fir303b Firmware

4 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir151b Firmware	Up to 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir151b	Version a2

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir302e Firmware	Up to 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir302e	Version a2

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir300b Firmware	Up to 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir300b	Version a2

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir303b Firmware	Up to 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir303b	Version a2

References (2)

https://github.com/SLoSnow9879/Phicomm_Router/blob/main/Tracert_2.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/SLoSnow9879/Phicomm_Router/blob/main/Tracert_2.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.