do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected.
References
Link | Resource |
---|---|
http://inglorion.net/software/muhttpd/ | Third Party Advisory |
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/ | Third Party Advisory |
https://derekabdine.com/blog/2022-arris-advisory | Exploit Third Party Advisory |
https://kb.cert.org/vuls/id/495801 | Third Party Advisory US Government Resource |
http://inglorion.net/software/muhttpd/ | Third Party Advisory |
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/ | Third Party Advisory |
https://derekabdine.com/blog/2022-arris-advisory | Exploit Third Party Advisory |
https://kb.cert.org/vuls/id/495801 | Third Party Advisory US Government Resource |
https://www.kb.cert.org/vuls/id/495801 |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
History
21 Nov 2024, 07:05
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
References | () http://inglorion.net/software/muhttpd/ - Third Party Advisory | |
References | () https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/ - Third Party Advisory | |
References | () https://derekabdine.com/blog/2022-arris-advisory - Exploit, Third Party Advisory | |
References | () https://kb.cert.org/vuls/id/495801 - Third Party Advisory, US Government Resource |
11 Aug 2022, 18:07
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 | |
References | (MISC) http://inglorion.net/software/muhttpd/ - Third Party Advisory | |
References | (MISC) https://derekabdine.com/blog/2022-arris-advisory - Exploit, Third Party Advisory | |
References | (MISC) https://kb.cert.org/vuls/id/495801 - Third Party Advisory, US Government Resource | |
References | (MISC) https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/ - Third Party Advisory | |
CPE | cpe:2.3:h:arris:nvg599:-:*:*:*:*:*:*:* cpe:2.3:o:arris:nvg589_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arris:bgw210_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arris:nvg510:-:*:*:*:*:*:*:* cpe:2.3:o:arris:bgw320_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arris:nvg589:-:*:*:*:*:*:*:* cpe:2.3:h:arris:nvg443:-:*:*:*:*:*:*:* cpe:2.3:h:arris:bgw210:-:*:*:*:*:*:*:* cpe:2.3:o:arris:nvg599_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arris:nvg443_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arris:nvg510_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:inglorion:muhttpd:*:*:*:*:*:*:*:* cpe:2.3:h:arris:bgw320:-:*:*:*:*:*:*:* |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
04 Aug 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-04 22:15
Updated : 2024-11-21 07:05
NVD link : CVE-2022-31793
Mitre link : CVE-2022-31793
CVE.ORG link : CVE-2022-31793
JSON object : View
Products Affected
arris
- nvg443
- nvg589_firmware
- nvg510
- nvg599
- nvg443_firmware
- nvg589
- nvg510_firmware
- bgw210_firmware
- bgw320_firmware
- bgw210
- bgw320
- nvg599_firmware
inglorion
- muhttpd
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')