Security News

Two vulnerabilities found in three NetComm router models could be exploited to achieve remote code execution on vulnerable devices, and there's a public PoC chaining them, CERT/CC has warned. CVE-2022-4874 is an authentication bypass flaw and CVE-2022-4873 is a stack based buffer overflow vulnerability that allows attackers to crash the application at a known location and exploit that to execute code on a vulnerable device.

Security vulnerabilities have been disclosed in Netcomm and TP-Link routers, some of which could be weaponized to achieve remote code execution. The flaws, tracked as CVE-2022-4873 and CVE-2022-4874, concern a case of stack-based buffer overflow and authentication bypass and impact Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035.

An industrial router made by Australian telecommunications equipment company NetComm Wireless is affected by several serious vulnerabilities that can be exploited remotely to take control of...