CVE-2022-43973

HIGH

Linksys WRT54GL <=4.30.18.006 - RCE

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-43973. PoCs published by UmbertoDellaMonica.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2022-43973, targeting the Linksys WRT54GL router. It includes detailed hardware exploitation steps, firmware extraction, and a MIPS reverse shell payload for remote code execution.

Description

An arbitrary code execution vulnerability exists in the Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. The Check_TSSI function within the httpd binary uses unvalidated user input in the construction of a system command. An authenticated attacker with administrator privileges can leverage this vulnerability over the network via a malicious POST request to /apply.cgi to execute arbitrary commands on the underlying Linux operating system as root.

Exploits (1)

nomisec WORKING POC
by UmbertoDellaMonica · poc
https://github.com/UmbertoDellaMonica/Linksys-WRT54GL-Exploitation

Classification
Classification: Working PoC 95%
Attack Type: RCE
Complexity: Complex
Reliability: Reliable
Target: Linksys WRT54GL v1.1 firmware
No auth needed
Prerequisites: Physical access to the device for JTAG debugging · Firmware extraction tools (binwalk, OpenOCD) · MIPS cross-compilation toolchain
devstral-2 · analyzed May 18, 2026

References (3)

Core References
Exploit, Third Party Advisory
https://youtu.be/73-1lhvJPNg
Exploit, Third Party Advisory
https://youtu.be/RfWVYCUBNZ0
Exploit, Third Party Advisory
https://youtu.be/TeWAmZaKQ_w

Scores

CVSS v3 7.2
EPSS 0.0100
EPSS Percentile 77.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE CWE-78
Status published
Products (1)
linksys/wrt54gl_firmware < 4.30.18.006
Published Jan 09, 2023
Tracked Since Feb 18, 2026