CVE-2022-37780

Published: Sep 7, 2022Modified: Jun 17, 2025

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the pingAddr parameter of the tracert function.

Affected (4)

Products: Phicomm: Fir151b Firmware, Fir302e Firmware, Fir300b Firmware, Fir303b Firmware

4 products

Configuration A

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir151b Firmware	Version 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir151b	Version a2

Configuration B

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir302e Firmware	Version 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir302e	Version a2

Configuration C

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir300b Firmware	Version 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir300b	Version a2

Configuration D

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Phicomm Fir303b Firmware	Version 3.0.1.17

Running on/with	Platform Versions
Phicomm Fir303b	Version a2

References (2)

https://github.com/SLoSnow9879/Phicomm_Router/blob/main/Tracert_1.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/SLoSnow9879/Phicomm_Router/blob/main/Tracert_1.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.