{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-26376", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "assignerShortName": "talos", "datePublished": "2022-08-05T21:18:47.095Z", "dateUpdated": "2025-04-15T18:53:55.243Z", "dateReserved": "2022-04-05T00:00:00.000Z"}, "containers": {"cna": {"datePublic": "2022-07-27T00:00:00.000Z", "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2022-10-07T00:00:00.000Z"}, "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."}], "affected": [{"vendor": "Asuswrt-Merlin", "product": "Asuswrt-Merlin New Gen", "versions": [{"version": "prior to 386.7", "status": "affected"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"}], "metrics": [{"cvssV3_0": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-787: Out-of-bounds Write", "cweId": "CWE-787"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:03:32.976Z"}, "title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-04-15T18:18:45.679502Z", "id": "CVE-2022-26376", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-15T18:53:55.243Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T05:03:32.976Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2022-26376", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-15T18:18:45.679502Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-15T18:18:47.140Z"}}], "cna": {"metrics": [{"cvssV3_0": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "Asuswrt-Merlin", "product": "Asuswrt-Merlin New Gen", "versions": [{"status": "affected", "version": "prior to 386.7"}]}], "datePublic": "2022-07-27T00:00:00.000Z", "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"}], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-787", "description": "CWE-787: Out-of-bounds Write"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2022-10-07T00:00:00.000Z"}}}, "cveMetadata": {"cveId": "CVE-2022-26376", "state": "PUBLISHED", "dateUpdated": "2025-04-15T18:53:55.243Z", "dateReserved": "2022-04-05T00:00:00.000Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2022-08-05T21:18:47.095Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:asuswrt:*:*:*:*:*:*:*:*", "matchCriteriaId": "F08F0BFE-E5AF-4991-A543-C879E7920B1A", "versionEndExcluding": "3.0.0.4.386_48706", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asuswrt-merlin:new_gen:*:*:*:*:*:*:*:*", "matchCriteriaId": "56FA1FDB-6F85-429C-BF43-E60F1BF8BDB7", "versionEndExcluding": "386.7", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:xt8_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4B1A968A-7E66-43F0-9E98-0EE71E6E8291", "versionEndExcluding": "3.0.0.4.386_48706", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:xt8:-:*:*:*:*:*:*:*", "matchCriteriaId": "37EEF2AE-074D-403B-B606-6C2CE88AD3B2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:tuf-ax3000_v2_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E797BD3C-28F5-495C-87DE-B6F42F80270E", "versionEndExcluding": "3.0.0.4.386_48750", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:tuf-ax3000_v2:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D03C2C9-2EE8-47B9-9950-75C8A887C22C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:xd4_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2664F674-B251-4525-BCBE-74841A2FC8A5", "versionEndExcluding": "3.0.0.4.386_48790", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:xd4:-:*:*:*:*:*:*:*", "matchCriteriaId": "ABBBB0A6-CDA7-47E1-B154-B7D6DE70D973", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:et12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "7CA3A839-66DD-48A9-B14A-DA328EC5A96B", "versionEndExcluding": "3.0.0.4.386_48823", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:et12:-:*:*:*:*:*:*:*", "matchCriteriaId": "02E71310-9771-4D30-A202-1ADF5533960A", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-ax6000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C628CA52-9224-4793-968B-5E452A09DA69", "versionEndExcluding": "3.0.0.4.386_48823", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-ax6000:-:*:*:*:*:*:*:*", "matchCriteriaId": "B3B5FD80-66EC-42B3-AD9E-73C8BEDFB71E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:xt12_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E78AD82E-F3A4-4A95-8AED-93A29AD945D6", "versionEndExcluding": "3.0.0.4.386_48823", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:xt12:-:*:*:*:*:*:*:*", "matchCriteriaId": "C67E3C2D-1090-4C72-AAE8-89AE8E997533", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax58u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "B8621573-D08C-4F11-9C6E-335EF7B84C60", "versionEndExcluding": "3.0.0.4.386_48908", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax58u:-:*:*:*:*:*:*:*", "matchCriteriaId": "855509B2-CE29-4A04-B412-C160139EA392", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:xt9_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4C9248D5-5BD4-41F5-8F97-0D57DFB083DC", "versionEndExcluding": "3.0.0.4.388_20027", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:xt9:-:*:*:*:*:*:*:*", "matchCriteriaId": "74B737E9-4218-435F-A6B1-980B2090BA8C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:xd6_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "071652E7-585F-4071-A48E-2A94AEF1E1D4", "versionEndExcluding": "3.0.0.4.386_49356", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:xd6:-:*:*:*:*:*:*:*", "matchCriteriaId": "727481D1-6673-4671-B970-87C6A22706CC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-ax11000_pro_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6013420E-9504-456C-A4FD-8C62D1948AB0", "versionEndExcluding": "3.0.0.4.386_48996", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-ax11000_pro:-:*:*:*:*:*:*:*", "matchCriteriaId": "140087CE-0EBB-469D-956E-5BECA5AB5CBE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-axe16000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "4336BA99-3693-4CF5-B301-C06EFC75B3B6", "versionEndExcluding": "3.0.0.4.386_48786", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-axe16000:-:*:*:*:*:*:*:*", "matchCriteriaId": "576BB6E0-D4E3-40EB-8212-B78946FB5082", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax86u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "BED51697-4045-4551-9BDB-C8795ABB5A6E", "versionEndExcluding": "3.0.0.4.386_49447", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax86u:-:*:*:*:*:*:*:*", "matchCriteriaId": "AB28700C-02EB-46D0-9BAD-833CE4790264", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax68u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E702F9E7-BB84-4B3C-8EFE-D6AE16D44C63", "versionEndExcluding": "3.0.0.4.386_49479", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax68u:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E27ED92-86BD-4FDB-A7AF-D308AA4A14DC", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax82u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DAA6BB79-7908-494E-AF2A-D5A05B9D73BF", "versionEndExcluding": "3.0.0.4.386_49380", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax82u:-:*:*:*:*:*:*:*", "matchCriteriaId": "8D118305-CAFD-425F-8352-3B241D2E7702", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax56u_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "96356DF5-2C7A-47E8-AA6B-BE9DB1A7CF03", "versionEndExcluding": "3.0.0.4.386_49559", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax56u:-:*:*:*:*:*:*:*", "matchCriteriaId": "4D747097-702E-4046-9723-01A586336534", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:rt-ax55_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "40C64C0C-0D63-4262-9D31-EC560A084548", "versionEndExcluding": "3.0.0.4.386_49559", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:rt-ax55:-:*:*:*:*:*:*:*", "matchCriteriaId": "B8F27D4F-EDC4-4676-8C66-545378850BF1", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:asus:gt-ax11000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "5F1F38CC-78E1-43C7-B855-C79294061B3F", "versionEndExcluding": "3.0.0.4.386_49559", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:asus:gt-ax11000:-:*:*:*:*:*:*:*", "matchCriteriaId": "CC02F598-C10E-4C77-9BE9-CB3660893C5E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de corrupci\u00f3n de memoria en la funcionalidad httpd unescape de Asuswrt versiones anteriores a 3.0.0.4.386_48706 y Asuswrt-Merlin New Gen versiones anteriores a 386.7. Una petici\u00f3n HTTP especialmente dise\u00f1ada puede conllevar a una corrupci\u00f3n de memoria. Un atacante puede enviar una petici\u00f3n de red para desencadenar esta vulnerabilidad"}], "id": "CVE-2022-26376", "lastModified": "2024-11-21T06:53:52.570", "metrics": {"cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "talos-cna@cisco.com", "type": "Secondary"}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-05T22:15:11.143", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2022-1511"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-787"}], "source": "talos-cna@cisco.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-787"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{}

{}