cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-43970,https://securityvulnerability.io/vulnerability/CVE-2022-43970,Buffer overflow in Linksys WRT54GL,"A buffer overflow flaw exists in the Linksys WRT54GL Wireless-G Broadband Router, specifically in the Start_EPI function within the httpd binary. This vulnerability allows an authenticated attacker with administrator privileges to execute arbitrary commands on the Linux operating system as root. The exploit can be executed over the network by sending a specially crafted POST request to the /apply.cgi endpoint, potentially compromising the device's security and integrity. Users should ensure their firmware is updated to mitigate this risk.",Linksys,Wrt54gl Wireless-g Broadband Router,7.2,HIGH,0.005309999920427799,false,,false,false,false,,,false,false,,2023-01-09T00:00:00.000Z,0
CVE-2022-43972,https://securityvulnerability.io/vulnerability/CVE-2022-43972,Null pointer dereference in Linksys WRT54GL,A null pointer dereference vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A null pointer dereference in the soap_action function within the upnp binary can be triggered by an unauthenticated attacker via a malicious POST request invoking the AddPortMapping action.,Linksys,Wrt54gl Wireless-g Broadband Router,6.5,MEDIUM,0.001129999989643693,false,,false,false,false,,,false,false,,2023-01-09T00:00:00.000Z,0
CVE-2022-43973,https://securityvulnerability.io/vulnerability/CVE-2022-43973,Arbitrary code execution in Linksys WRT54GL,"An arbitrary code execution vulnerability has been identified in the Linksys WRT54GL Wireless-G Broadband Router running firmware versions 4.30.18.006 and earlier. This issue arises from the Check_TSSI function within the httpd binary, where unvalidated user input can be manipulated to construct a system command. An authenticated attacker with administrative privileges can exploit this vulnerability by sending a crafted POST request to /apply.cgi. By doing so, they can execute arbitrary commands on the underlying Linux operating system with root privileges, potentially compromising the entire system.",Linksys,Wrt54gl Wireless-g Broadband Router,7.2,HIGH,0.009080000221729279,false,,false,false,false,,,false,false,,2023-01-09T00:00:00.000Z,0