CRITICAL🇵🇱 Wersja polska

CVE-2022-4873

CVSS 9.8v3.1pub. 2023-01-11upd. 2025-11-04

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Netcommwireless Nf20

    HW
    Netcommwireless
    wszystkie wersje
  • Netcommwireless Nf20 Firmware

    OS
    Netcommwireless
    < r6b025
  • Netcommwireless Nf20mesh

    HW
    Netcommwireless
    wszystkie wersje
  • Netcommwireless Nf20mesh Firmware

    OS
    Netcommwireless
    < r6b025
  • Netcommwireless Nl1902

    HW
    Netcommwireless
    wszystkie wersje
  • Netcommwireless Nl1902 Firmware

    OS
    Netcommwireless
    < r6b025
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2022-4874HIGH7.5ten sam produkt

Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to ac...

CVE-2015-6024CRITICAL9.8ten sam vendor

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101-S306ETS-C01_R05 al...

CVE-2018-14782HIGH7.5ten sam vendor

NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device allo...

CVE-2018-14783HIGH8.8ten sam vendor

NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site re...

CVE-2018-14785HIGH7.5ten sam vendor

NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory o...