CVE-2022-4873
Published: 11 January 2023
Summary
CVE-2022-4873 is a critical-severity Out-of-bounds Write (CWE-787) vulnerability in Netcommwireless Nf20 Firmware. Its CVSS base score is 9.8 (Critical).
Operationally, ranked in the top 30.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
CVE-2022-4873 is a stack-based buffer overflow affecting the sessionKey parameter on Netcomm NF20MESH, NF20, and NL1902 routers. The flaw, classified under CWE-787, permits an attacker to supply an oversized value that overwrites the instruction pointer at a predictable stack location, resulting in application crashes and potential control-flow hijacking. It carries a CVSS 3.1 score of 9.8 reflecting network accessibility without authentication or user interaction.
Unauthenticated remote attackers can exploit the vulnerability over the network to achieve arbitrary code execution or denial of service on the affected devices. Because the overflow occurs in a session-handling component reachable without credentials, an adversary positioned to send crafted requests can reliably trigger the condition and redirect execution.
Public advisories, including the detailed write-up at https://github.com/scarvell/advisories/blob/main/2022_netcomm_nf20mesh_unauth_rce.md and CERT VU#986018, document the unauthenticated remote-code-execution path and provide reproduction details for the three router models.
EPSS for the CVE rose from a low baseline to a peak of 0.1082 on 2025-12-11 before receding to the current value of 0.0060, indicating a period of increased exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-52133
Vulnerability details
On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at…
more
a known location.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Out-of-bounds writes that corrupt control flow or inject shellcode are rendered non-executable by the same memory protections.