CVE-2022-42457
Published: 06 October 2022
Summary
CVE-2022-42457 is a critical-severity vulnerability of unspecified weakness type in Generex CS141 firmware. Its CVSS base score is 9.1 (Critical).
Operationally, it ranks in the top 8.7% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
Generex CS141 versions through 2.10 contain an authenticated remote command execution vulnerability in the web interface. The flaw allows an administrator to invoke the run_update function in /usr/bin/gxserve-update.sh, which passes attacker-controlled input directly to the shell and can be used to execute arbitrary operating-system commands.
An attacker with administrative credentials can reach the affected endpoint over the network and obtain full system access, including the ability to deploy a reverse shell via the referenced install.sh mechanism. The CVSS 9.1 score reflects the combination of network reachability, high impact on confidentiality, integrity, and availability, and the requirement for administrative privileges.
Public references include a proof-of-concept repository demonstrating the attack and Generex product and firmware download pages; no vendor advisory or patch information is provided in those sources. The associated EPSS score has remained low, with a current value of 0.0645 and a peak of 0.0671.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-45530
Vulnerability details
Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh).
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.