CVE-2022-4874

HIGH IN THE WILD

Netcomm router models - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

CVE-2022-4874 has been observed exploited in the wild (reported by InTheWild.io).

Description

Authentication bypass in Netcomm router models NF20MESH, NF20, and NL1902 allows an unauthenticated user to access content. In order to serve static content, the application performs a check for the existence of specific characters in the URL (.css, .png etc). If it exists, it performs a "fake login" to give the request an active session to load the file and not redirect to the login page.

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.1101
EPSS Percentile 95.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact partial

Details

InTheWild.io 2023-01-18
CWE
CWE-287
Status published
Products (3)
netcommwireless/nf20_firmware < r6b025
netcommwireless/nf20mesh_firmware < r6b025
netcommwireless/nl1902_firmware < r6b025
Published Jan 11, 2023
Tracked Since Feb 18, 2026