Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-44149
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Nexxt Router 操作系统命令注入漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Nexxt Router是美国Nexxt公司的一系列路由器。 Nexxt Router 42.103.1.5095版本存在操作系统命令注入漏洞,该漏洞源于经过身份验证的远程代码执行利用可启用telnetd。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
-n/a n/a -
II. Public POCs for CVE-2022-44149
#POC DescriptionSource LinkShenlong Link
1POC Exploit for CVE-2022-44149https://github.com/yerodin/CVE-2022-44149POC Details
2it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.https://github.com/geniuszlyy/CVE-2022-44149POC Details
3it is script designed to interact with a router by sending a payload to its system tools. The script retrieves the router's configuration from environment variables to ensure security. It includes functions for generating an authorization header, sending a payload, and logging the process.https://github.com/geniuszly/CVE-2022-44149POC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2022-44149
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: n/a
Same vendor: n/a
V. Comments for CVE-2022-44149

No comments yet

Leave a comment