Vulnerabilities > CVE-2022-37778 - Unspecified vulnerability in Phicomm products

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

phicomm

NVD

Published: 2022-09-08

Updated: 2022-09-12

Summary

Phicomm FIR151B A2, FIR302E A2, FIR300B A2, FIR303B A2 routers V3.0.1.17 were discovered to contain a remote command execution (RCE) vulnerability via the current_time parameter of the time function.

Vulnerable Configurations

Part	Description	Count
OS	Phicomm Phicomm Fir151B Firmware 3.0.1.17 Phicomm Fir302E Firmware 3.0.1.17 Phicomm Fir300B Firmware 3.0.1.17 Phicomm Fir303B Firmware 3.0.1.17	4
Hardware	Phicomm Phicomm Fir151B A2 Phicomm Fir302E A2 Phicomm Fir300B A2 Phicomm Fir303B A2	4

References

https://github.com/SLoSnow9879/Phicomm_Router/blob/main/Time.md