← back
CVE-2022-47208

CVE-2022-47208

CVSS 8.8 HIGHEPSS 1.2%CWE-78
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 8.8EPSS 1.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
16 Dec 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The “puhttpsniff” service, which runs by default, is susceptible to command injection due to improperly sanitized user input. An unauthenticated attacker on the same network segment as the router can execute arbitrary commands on the device without authentication.
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H