Published: 06/01/2023 Updated: 30/01/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 and 80.103.2.5045 devices allows remote OS command execution by placing &telnetd in the JSON host field to the ping feature of the goform/sysTools component. Authentication is required

Vulnerable Product	Search on Vulmon	Subscribe to Product
nexxtsolutions amp300_firmware 42.103.1.5095
nexxtsolutions amp300_firmware 80.103.2.5045

Nexxt Router Firmware version 4210315095 authenticated remote code execution exploit that enables telnetd ...

POC Exploit for CVE-2022-44149

CVE-2022-44149 POC Exploit for CVE-2022-44149

CWE-78 https://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095-Remote-Code-Execution.html https://cxsecurity.com/issue/WLB-2023010006 https://www.nexxtsolutions.com/connectivity/search/?q=ARN02304U8 http://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-80.103.2.5045-Remote-Code-Execution.html http://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095-Remote-Code-Execution.html https://nvd.nist.gov https://github.com/yerodin/CVE-2022-44149 https://packetstormsecurity.com/files/170366/Nexxt-Router-Firmware-42.103.1.5095-Remote-Code-Execution.html

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2022-44149

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect