CVE-2022-31793

HIGH EXPLOITED NUCLEI

Inglorion Muhttpd < 1.1.7 - Path Traversal

Title source: rule

Description

do_request in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected.

Exploits (1)

nomisec WORKING POC 1 stars

by xpgdgit · poc

https://github.com/xpgdgit/CVE-2022-31793

View Code ZIP pw:eip

Nuclei Templates (1)

muhttpd <=1.1.5 - Local Inclusion

HIGHVERIFIEDby scent2d

References (5)

[Third Party Advisory] http://inglorion.net/software/muhttpd/

[Third Party Advisory] https://blog.malwarebytes.com/exploits-and-vulnerabilities/2022/08/millions-of-arris-routers-are-vulnerable-to-path-traversal-attacks/

[Exploit, Third Party Advisory] https://derekabdine.com/blog/2022-arris-advisory

[Third Party Advisory, US Government Resource] https://kb.cert.org/vuls/id/495801

[Third Party Advisory, US Government Resource] https://www.kb.cert.org/vuls/id/495801

Scores

CVSS v3 7.5

EPSS 0.9382

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

VulnCheck KEV 2023-11-13

CWE

CWE-22

Status published

Products (7)

arris/bgw210_firmware

arris/bgw320_firmware

arris/nvg443_firmware

arris/nvg510_firmware

arris/nvg589_firmware

arris/nvg599_firmware

inglorion/muhttpd < 1.1.7

Published Aug 04, 2022

Tracked Since Feb 18, 2026