First published: Wed Jan 25 2023(Updated: )
The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi Router' is vulnerable to a CRLF Injection attack that can be leveraged to perform Reflected XSS and HTML Injection. A malicious unauthenticated attacker can exploit this vulnerability using a specially crafted URL. This affects firmware versions: V1.1.0.112_1.0.1, V1.1.0.114_1.0.1.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
NETGEAR R6220 | =1.1.0.112_1.0.1 | |
NETGEAR R6220 | =1.1.0.114_1.0.1 | |
NETGEAR R6220 | ||
All of | ||
Any of | ||
NETGEAR R6220 | =1.1.0.112_1.0.1 | |
NETGEAR R6220 | =1.1.0.114_1.0.1 | |
NETGEAR R6220 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-47052 is considered a medium severity vulnerability due to its potential for exploitation via CRLF injection.
To fix CVE-2022-47052, upgrade the firmware of your NETGEAR R6220 to the latest version that addresses this vulnerability.
Yes, CVE-2022-47052 can be exploited by a remote unauthenticated attacker using a specially crafted URL.
CVE-2022-47052 can be leveraged to perform Reflected XSS and HTML Injection attacks.
CVE-2022-47052 affects firmware versions 1.1.0.112_1.0.1 and 1.1.0.114_1.0.1 for the NETGEAR R6220.