Vulnerabilities > CVE-2022-30114 - Out-of-bounds Write vulnerability in Fastweb products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

fastweb

CWE-787

NVD

Published: 2023-05-19

Updated: 2023-09-21

Summary

A heap-based buffer overflow in a network service in Fastweb FASTGate MediaAccess FGA2130FWB, firmware version 18.3.n.0482_FW_230_FGA2130, and DGA4131FWB, firmware version up to 18.3.n.0462_FW_261_DGA4131, allows a remote attacker to reboot the device through a crafted HTTP request, causing DoS.

Vulnerable Configurations

Part	Description	Count
OS	Fastweb Fastweb Fastgate Vdsl2 Dga4131Fwb Firmware * Fastweb Fastgate Gpon Fga2130Fwb Firmware -	2
Hardware	Fastweb Fastweb Fastgate Vdsl2 Dga4131Fwb - Fastweb Fastgate Gpon Fga2130Fwb -	2

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://str0ng4le.github.io/jekyll/update/2023/05/12/fastgate-bof-cve-2022-30114/
https://www.fastweb.it/myfastweb/assistenza/guide/FASTGate/