CVE-2022-45701
Published: 17 February 2023
Summary
CVE-2022-45701 is a high-severity Command Injection (CWE-77) vulnerability in CommScope Arris TG2482A firmware. Its CVSS base score is 8.8 (High).
Operationally, it ranks in the top 2.8% of CVEs by exploit likelihood. It is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-45701 is a remote code execution vulnerability in the Arris TG2482A cable modem firmware through version 9.1.103GEM9. The flaw resides in the ping utility feature and is associated with CWE-77 command injection, allowing an attacker to supply crafted input that executes arbitrary commands on the device. The vulnerability carries a CVSS 3.1 base score of 8.8, reflecting network attack vector, low complexity, and low privileges required.
An authenticated remote attacker with network access to the device management interface can exploit the ping utility to achieve full remote code execution. Successful exploitation grants the attacker the ability to compromise confidentiality, integrity, and availability of the affected router, potentially enabling persistence, lateral movement, or further attacks on connected networks.
Public proof-of-concept code has been published on GitHub and Packet Storm, and the EPSS score rose from lower values after disclosure to a peak of 0.5611 before receding to the current 0.3530, indicating a period of increased exploitation interest. No vendor advisory or patch information is provided in the available references.
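The references give no patch details, so the following is an added example of the generic fix pattern for a CWE-77 flaw in a ping diagnostic; it is not code from the Arris firmware or its vendor. The function names `validate_ping_target`, `build_ping_argv` and `run_ping` are hypothetical, and the sample inputs in the comments are constructed.

```python
import ipaddress
import re
import subprocess

# One RFC 1123 hostname label: letters, digits, hyphen; no leading/trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")

def validate_ping_target(target):
    """Return a safe ping target (IP literal or hostname) or raise ValueError."""
    if not isinstance(target, str) or not target or len(target) > 253:
        raise ValueError("target must be a non-empty string of at most 253 characters")
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        ip = None
    if ip is not None:
        # Scoped IPv6 ("addr%zone") lets arbitrary text follow the '%', so refuse it.
        if getattr(ip, "scope_id", None):
            raise ValueError("scoped IPv6 addresses are not accepted")
        return str(ip)
    # Not an IP literal: every dot-separated label must be a strict hostname label.
    # fullmatch() rejects spaces, ';', '$', backticks, newlines and a leading '-'.
    labels = target.rstrip(".").split(".")
    if all(_LABEL.fullmatch(label) for label in labels):
        return target
    raise ValueError("target is neither an IP address nor a valid hostname")

def build_ping_argv(target, count=4):
    """Build an argument vector; the target is never pasted into a shell string."""
    host = validate_ping_target(target)
    if not isinstance(count, int) or not 1 <= count <= 10:
        raise ValueError("count must be an integer from 1 to 10")
    return ["ping", "-c", str(count), host]

def run_ping(target, count=4):
    """Execute ping without a shell, so metacharacters have no special meaning."""
    argv = build_ping_argv(target, count)
    return subprocess.run(argv, shell=False, capture_output=True,
                          text=True, timeout=30, check=False)
```

Validation and shell-free execution are independent layers: the allow-list rejects input such as a constructed `192.0.2.10; reboot`, and the argument vector ensures that anything the allow-list misses still reaches `ping` as a single argument.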
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-48560
Vulnerability details
Arris TG2482A firmware through 9.1.103GEM9 allows Remote Code Execution (RCE) via the ping utility feature.