CVE-2022-45701
Description
Arris TG2482A firmware through 9.1.103GEM9 allows Remote Code Execution (RCE) via the ping utility feature.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
- Arris TG2482A firmware
Patches
Vulnerability mechanics
Root cause
"The ping utility feature does not properly sanitize user-supplied input, allowing for command injection."
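The root cause described above is the classic command-injection pattern: a user-supplied ping target is spliced into a shell command string without validation. The following is an added illustration of that bug class and its mitigation; it is not the Arris firmware's code, and the function names, the hostname pattern and the sample inputs are hypothetical constructions for the example.

```python
import ipaddress
import re
import subprocess

# Hypothetical RFC 1123 hostname pattern (labels of 1-63 chars, no leading or
# trailing hyphen, total length <= 253). Constructed for this example.
_HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)(?!-)[A-Za-z0-9-]{1,63}(?<!-)(\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*\.?$"
)


def vulnerable_ping_command(target: str) -> str:
    """The injection-prone pattern: the target is concatenated into a shell string.

    When a string like this is handed to a shell (e.g. system() or shell=True),
    any shell metacharacter in `target` ends the ping command and starts another.
    """
    return "ping -c 1 " + target


def is_valid_target(target: str) -> bool:
    """Allow-list check: accept only a literal IP address or an RFC 1123 hostname.

    Anything containing ';', '|', '$', '`', whitespace or a leading '-' fails
    both checks, so it never reaches a command line.
    """
    try:
        ipaddress.ip_address(target)
        return True
    except ValueError:
        pass
    return bool(_HOSTNAME_RE.match(target))


def hardened_ping_command(target: str) -> list[str]:
    """Validate first, then build an argv list so no shell ever parses the target."""
    if not is_valid_target(target):
        raise ValueError(f"rejected ping target: {target!r}")
    return ["ping", "-c", "1", target]


def run_hardened_ping(target: str, timeout: float = 5.0) -> int:
    """Execute the validated argv without a shell and return ping's exit status.

    Not exercised offline; shown to make the shell=False contract explicit.
    """
    completed = subprocess.run(
        hardened_ping_command(target),
        shell=False,
        capture_output=True,
        timeout=timeout,
        check=False,
    )
    return completed.returncode


if __name__ == "__main__":
    # Constructed sample inputs: one benign target, one carrying a second command.
    for sample in ("192.0.2.1", "192.0.2.1; id"):
        print("vulnerable :", vulnerable_ping_command(sample))
        try:
            print("hardened   :", hardened_ping_command(sample))
        except ValueError as exc:
            print("hardened   :", exc)
```

The two defences are independent and both are worth having: the allow-list rejects anything that is not a plausible ping target, and passing an argv list with `shell=False` means that even an input which slipped past validation is delivered to `ping` as a single argument rather than interpreted by a shell.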
Attack vector
An authenticated attacker can exploit this vulnerability by sending specially crafted requests to the device. The exploit targets the `snmpSet` endpoint, which is used to configure SNMP settings. By manipulating Object Identifiers (OIDs) with shell commands, the attacker can achieve Remote Code Execution on the affected device [ref_id=1]. The payload is constructed to execute a netcat command, establishing a reverse shell back to the attacker's machine [ref_id=1].
Affected code
The vulnerability lies within the ping utility feature, which is accessible via the `snmpSet` endpoint. Specifically, the `set_oid` function appears to be involved in processing the malicious input that leads to command injection [ref_id=1].
What the fix does
The advisory does not specify a patch or provide details on how the vulnerability is fixed. Users are advised to update their firmware to a version that addresses this vulnerability, though no specific version is recommended as a fix.
Preconditions
- auth: The attacker must have administrative credentials to authenticate to the device.
- network: The attacker must be able to reach the device over the network.
Reproduction
The provided reference [ref_id=1] includes Python code that demonstrates how to reproduce the vulnerability by sending specific HTTP requests to the device's `snmpSet` endpoint with a crafted payload.
Generated on Jun 2, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
News mentions
No linked articles in our index yet.