CVE-2022-4873

CVSS V2 None CVSS V3 None
Description
On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location.
Overview
  • CVE ID
  • CVE-2022-4873
  • Assigner
  • cret@cert.org
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-01-11T21:15:10
  • Last Modified Date
  • 2023-01-19T18:01:33
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:netcommwireless:nf20_firmware:*:*:*:*:*:*:*:* 1 OR r6b025
cpe:2.3:h:netcommwireless:nf20:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netcommwireless:nf20mesh_firmware:*:*:*:*:*:*:*:* 1 OR r6b025
cpe:2.3:h:netcommwireless:nf20mesh:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:netcommwireless:nl1902_firmware:*:*:*:*:*:*:*:* 1 OR r6b025
cpe:2.3:h:netcommwireless:nl1902:-:*:*:*:*:*:*:* 0 OR
History
Created Old Value New Value Data Type Notes
2023-01-12 05:18:01 Added to TrackCVE
2023-01-12 05:18:02 Weakness Enumeration new
2023-01-12 14:15:16 2023-01-12T13:56:24 CVE Modified Date updated
2023-01-12 14:15:16 Received Awaiting Analysis Vulnerability Status updated
2023-01-18 16:16:14 Awaiting Analysis Undergoing Analysis Vulnerability Status updated
2023-01-19 20:14:04 2023-01-19T18:01:33 CVE Modified Date updated
2023-01-19 20:14:04 Undergoing Analysis Analyzed Vulnerability Status updated
2023-01-19 20:14:06 Weakness Enumeration update
2023-01-19 20:14:07 CPE Information updated