Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the h_primary_ntp_server, h_backup_ntp_server, and h_time_zone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
References
Link Resource
https://github.com/wudipjq/my_vuln/blob/main/ARRIS/vuln_12/12.md Exploit Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-03-15T21:56:31

Updated: 2022-03-15T21:56:31

Reserved: 2022-03-14T00:00:00


Link: CVE-2022-27000

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2022-03-15T22:15:15.180

Modified: 2023-08-08T14:21:49.707


Link: CVE-2022-27000

JSON object: View

cve-icon Redhat Information

No data.

CWE