CVE-2022-29014

HIGH EXPLOITED NUCLEI

Razer Sila Gaming Router <2.0.441_api-2.0.418 - Info Disclosure

Title source: llm

Exploitation Summary

CVE-2022-29014 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 1 public exploit from researchers including Kevin Randall. A Nuclei detection template is also available.

AI-analyzed exploit summary This exploit demonstrates a Local File Inclusion (LFI) vulnerability in the Razer Sila router. It sends a crafted POST request to the `/ubus/` endpoint to read the contents of `/etc/passwd` without authentication.

Description

A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary files.

Exploits (1)

exploitdb WORKING POC

by Kevin Randall · textwebappshardware

https://www.exploit-db.com/exploits/50864

View Code ZIP pw:eip

This exploit demonstrates a Local File Inclusion (LFI) vulnerability in the Razer Sila router. It sends a crafted POST request to the `/ubus/` endpoint to read the contents of `/etc/passwd` without authentication.

Classification

Working Poc 95%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Razer Sila Router (RazerSila-2.0.441_api-2.0.418)

No auth needed

Prerequisites: Network access to the router's web interface

MITRE ATT&CK

T1005 - Data from Local System

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Nuclei Templates (1)

Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion

HIGHby edoardottt

References (3)

Core 3

Core References

Product, Vendor Advisory x_refsource_misc

https://www2.razer.com/ap-en/desktops-and-networking/razer-sila

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/50864

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://packetstormsecurity.com/files/166683/Razer-Sila-2.0.418-Local-File-Inclusion.html

Scores

CVSS v3 7.5

EPSS 0.1061

EPSS Percentile 95.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2023-11-13

Status published

Products (1)

razer/sila_firmware 2.0.441_api-2.0.418

Published Jun 09, 2022

Tracked Since Feb 18, 2026