Vulnerabilities > CVE-2022-37777 - Unspecified vulnerability in Phicomm products

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

phicomm

NVD

Published: 2022-09-08

Updated: 2022-09-12

Summary

Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers 3.0.1.17 and earlier were discovered to contain a remote command execution (RCE) vulnerability via the trHops parameter of the tracert function.

Vulnerable Configurations

Part	Description	Count
OS	Phicomm Phicomm Fir151B Firmware 3.0.1.17 Phicomm Fir302E Firmware 3.0.1.17 Phicomm Fir300B Firmware 3.0.1.17 Phicomm Fir303B Firmware - Phicomm Fir303B Firmware 3.0.1.17	5
Hardware	Phicomm Phicomm Fir151B A2 Phicomm Fir302E A2 Phicomm Fir300B A2 Phicomm Fir303B A2	4

References

https://github.com/SLoSnow9879/Phicomm_Router/blob/main/Tracert_2.md