do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected.
References
Link | Resource |
---|---|
http://inglorion.net/software/muhttpd/ | Third Party Advisory |
https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/ | Third Party Advisory |
https://derekabdine.com/blog/2022-arris-advisory | Exploit, Third Party Advisory |
https://kb.cert.org/vuls/id/495801 | Third Party Advisory, US Government Resource |
History
11 Aug 2022, 18:07
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://kb.cert.org/vuls/id/495801 - Third Party Advisory, US Government Resource | |
References | (MISC) http://inglorion.net/software/muhttpd/ - Third Party Advisory | |
References | (MISC) https://derekabdine.com/blog/2022-arris-advisory - Exploit, Third Party Advisory | |
References | (MISC) https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/ - Third Party Advisory | |
CPE | cpe:2.3:o:arris:nvg443_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arris:nvg443:-:*:*:*:*:*:*:* cpe:2.3:h:arris:bgw320:-:*:*:*:*:*:*:* cpe:2.3:h:arris:nvg589:-:*:*:*:*:*:*:* cpe:2.3:o:arris:nvg599_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:inglorion:muhttpd:*:*:*:*:*:*:*:* cpe:2.3:h:arris:nvg510:-:*:*:*:*:*:*:* cpe:2.3:o:arris:bgw320_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:arris:bgw210_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arris:bgw210:-:*:*:*:*:*:*:* cpe:2.3:o:arris:nvg510_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:arris:nvg599:-:*:*:*:*:*:*:* cpe:2.3:o:arris:nvg589_firmware:-:*:*:*:*:*:*:* | |
First Time | Arris nvg443, Arris nvg599, Inglorion muhttpd, Inglorion, Arris nvg443 Firmware, Arris nvg510 Firmware, Arris nvg589 Firmware, Arris nvg510, Arris bgw210, Arris nvg589, Arris bgw320 Firmware, Arris bgw210 Firmware, Arris, Arris bgw320, Arris nvg599 Firmware | |
CWE | CWE-22 | |
CVSS | v2 : v3 : | v2 : unknown, v3 : 7.5 |
04 Aug 2022, 23:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-04 22:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-31793
Mitre link : CVE-2022-31793
CVE.ORG link : CVE-2022-31793
Products Affected
inglorion
- muhttpd
arris
- nvg599_firmware
- bgw210
- nvg443
- bgw320_firmware
- bgw210_firmware
- nvg599
- nvg589_firmware
- nvg589
- nvg443_firmware
- nvg510_firmware
- bgw320
- nvg510
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')