Vulnerabilities > CVE-2022-47040 - Unspecified vulnerability in Askey Rtf3505Vw-N1 Firmware Brsvg000R3505Vmn1001S327

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

askey

NVD

Published: 2023-01-26

Updated: 2023-02-06

Summary

An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows attackers to escalate privileges via running the tcpdump command after placing a crafted file in the /tmp directory and sending crafted packets through port 80.

Vulnerable Configurations

Part	Description	Count
OS	Askey Askey Rtf3505Vw N1 Firmware Br_Sv_G000_R3505Vmn1001_S32_7	1
Hardware	Askey Askey Rtf3505Vw N1 -	1

References

https://github.com/leoservalli/Privilege-escalation-ASKEY