Two vulnerabilities (CVE-2022-4873, CVE-2022-4874) found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and there’s a public PoC chaining them, CERT/CC has warned. The good news is that they’ve been fixed by NetComm and the patches have been implemented in new firmware released in November 2022. About CVE-2022-4873 and CVE-2022-4874 CVE-2022-4874 is an authentication bypass flaw and CVE-2022-4873 is a stack based buffer overflow vulnerability that allows … More
The post Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874) appeared first on Help Net Security.