2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2022-26376" ,
"sourceIdentifier" : "talos-cna@cisco.com" ,
"published" : "2022-08-05T22:15:11.143" ,
"lastModified" : "2022-12-02T20:08:05.937" ,
"vulnStatus" : "Analyzed" ,
"descriptions" : [
{
"lang" : "en" ,
"value" : "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."
} ,
{
"lang" : "es" ,
"value" : "Se presenta una vulnerabilidad de corrupci\u00f3n de memoria en la funcionalidad httpd unescape de Asuswrt versiones anteriores a 3.0.0.4.386_48706 y Asuswrt-Merlin New Gen versiones anteriores a 386.7. Una petici\u00f3n HTTP especialmente dise\u00f1ada puede conllevar a una corrupci\u00f3n de memoria. Un atacante puede enviar una petici\u00f3n de red para desencadenar esta vulnerabilidad"
}
] ,
"metrics" : {
"cvssMetricV31" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.1" ,
"vectorString" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "HIGH" ,
"integrityImpact" : "HIGH" ,
"availabilityImpact" : "HIGH" ,
"baseScore" : 9.8 ,
"baseSeverity" : "CRITICAL"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 5.9
}
] ,
"cvssMetricV30" : [
{
"source" : "talos-cna@cisco.com" ,
"type" : "Secondary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N" ,
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "NONE" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "LOW" ,
"availabilityImpact" : "NONE" ,
"baseScore" : 5.3 ,
"baseSeverity" : "MEDIUM"
} ,
"exploitabilityScore" : 3.9 ,
"impactScore" : 1.4
}
]
} ,
"weaknesses" : [
{
"source" : "talos-cna@cisco.com" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-787"
}
]
} ,
{
"source" : "nvd@nist.gov" ,
"type" : "Secondary" ,
"description" : [
{
"lang" : "en" ,
"value" : "CWE-787"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:asuswrt:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48706" ,
"matchCriteriaId" : "F08F0BFE-E5AF-4991-A543-C879E7920B1A"
}
]
}
]
} ,
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asuswrt-merlin:new_gen:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "386.7" ,
"matchCriteriaId" : "56FA1FDB-6F85-429C-BF43-E60F1BF8BDB7"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:xt8:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "37EEF2AE-074D-403B-B606-6C2CE88AD3B2"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:xt8_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48706" ,
"matchCriteriaId" : "4B1A968A-7E66-43F0-9E98-0EE71E6E8291"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:tuf-ax3000_v2:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3D03C2C9-2EE8-47B9-9950-75C8A887C22C"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:tuf-ax3000_v2_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48750" ,
"matchCriteriaId" : "E797BD3C-28F5-495C-87DE-B6F42F80270E"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:xd4:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "ABBBB0A6-CDA7-47E1-B154-B7D6DE70D973"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:xd4_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48790" ,
"matchCriteriaId" : "2664F674-B251-4525-BCBE-74841A2FC8A5"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:et12:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "02E71310-9771-4D30-A202-1ADF5533960A"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:et12_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48823" ,
"matchCriteriaId" : "7CA3A839-66DD-48A9-B14A-DA328EC5A96B"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:gt-ax6000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B3B5FD80-66EC-42B3-AD9E-73C8BEDFB71E"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:gt-ax6000_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48823" ,
"matchCriteriaId" : "C628CA52-9224-4793-968B-5E452A09DA69"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:xt12:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C67E3C2D-1090-4C72-AAE8-89AE8E997533"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:xt12_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48823" ,
"matchCriteriaId" : "E78AD82E-F3A4-4A95-8AED-93A29AD945D6"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "855509B2-CE29-4A04-B412-C160139EA392"
2023-04-24 12:24:31 +02:00
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
2024-05-19 02:03:31 +00:00
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48908" ,
"matchCriteriaId" : "B8621573-D08C-4F11-9C6E-335EF7B84C60"
2023-04-24 12:24:31 +02:00
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:xt9_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.388_20027" ,
"matchCriteriaId" : "4C9248D5-5BD4-41F5-8F97-0D57DFB083DC"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:xt9:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "74B737E9-4218-435F-A6B1-980B2090BA8C"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:xd6_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_49356" ,
"matchCriteriaId" : "071652E7-585F-4071-A48E-2A94AEF1E1D4"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:xd6:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "727481D1-6673-4671-B970-87C6A22706CC"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:gt-ax11000_pro_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48996" ,
"matchCriteriaId" : "6013420E-9504-456C-A4FD-8C62D1948AB0"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:gt-ax11000_pro:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "140087CE-0EBB-469D-956E-5BECA5AB5CBE"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:gt-axe16000_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_48786" ,
"matchCriteriaId" : "4336BA99-3693-4CF5-B301-C06EFC75B3B6"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:gt-axe16000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "576BB6E0-D4E3-40EB-8212-B78946FB5082"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_49447" ,
"matchCriteriaId" : "BED51697-4045-4551-9BDB-C8795ABB5A6E"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "AB28700C-02EB-46D0-9BAD-833CE4790264"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_49479" ,
"matchCriteriaId" : "E702F9E7-BB84-4B3C-8EFE-D6AE16D44C63"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_49380" ,
"matchCriteriaId" : "DAA6BB79-7908-494E-AF2A-D5A05B9D73BF"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8D118305-CAFD-425F-8352-3B241D2E7702"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_49559" ,
"matchCriteriaId" : "96356DF5-2C7A-47E8-AA6B-BE9DB1A7CF03"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4D747097-702E-4046-9723-01A586336534"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_49559" ,
"matchCriteriaId" : "40C64C0C-0D63-4262-9D31-EC560A084548"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B8F27D4F-EDC4-4676-8C66-545378850BF1"
}
]
}
]
} ,
{
"operator" : "AND" ,
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:o:asus:gt-ax11000_firmware:*:*:*:*:*:*:*:*" ,
"versionEndExcluding" : "3.0.0.4.386_49559" ,
"matchCriteriaId" : "5F1F38CC-78E1-43C7-B855-C79294061B3F"
}
]
} ,
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : false ,
"criteria" : "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CC02F598-C10E-4C77-9BE9-CB3660893C5E"
}
]
}
]
}
] ,
"references" : [
{
"url" : "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511" ,
"source" : "talos-cna@cisco.com" ,
"tags" : [
"Exploit" ,
"Third Party Advisory"
]
}
]
}
