CVE-2022-44149

high-risk
Published 2023-01-06

The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required

Do I need to act?

!
82.2% chance of exploitation in next 30 days
EPSS score — higher than 18% of all CVEs
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
!
1 public exploit available
51195
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (2)

Affected Vendors

Nexxtsolutions

References (10)

Exploit http://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095-...
Exploit http://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-80.103.2.5045-...
Exploit https://cxsecurity.com/issue/WLB-2023010006
Exploit https://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095...
Product https://www.nexxtsolutions.com/connectivity/search/?q=ARN02304U8
Exploit http://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095-...
Exploit http://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-80.103.2.5045-...
Exploit https://cxsecurity.com/issue/WLB-2023010006
Exploit https://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095...
Product https://www.nexxtsolutions.com/connectivity/search/?q=ARN02304U8
57
/ 100
high-risk
Severity 30/34 · Critical
Exploitability 20/34 · Moderate
Exposure 7/34 · Low