Vulnerabilities > CVE-2022-40740 - Unspecified vulnerability in Realtek Usdk and Xpon Software Development KIT

CVSS 7.2 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

HIGH

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

realtek

NVD

Published: 2023-01-03

Updated: 2023-07-10

Summary

Realtek GPON router has insufficient filtering for special characters. A remote attacker authenticated as an administrator can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.

Vulnerable Configurations

Part	Description	Count
Application	Realtek Realtek Xpon Software Development KIT 3.3 Realtek Xpon Software Development KIT 4.0 Realtek Xpon Software Development KIT 4.1 Realtek Xpon Software Development KIT 1.9 Realtek Usdk 1.0 Realtek Usdk 2.2 Realtek Usdk 2.0	7

References

https://www.twcert.org.tw/tw/cp-132-6831-19121-1.html