CVE-2022-4390
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2022-4390
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A network misconfiguration is present in versions prior to 1.0.9.90 of the NETGEAR RAX30 AX2400 series of routers. IPv6 is enabled for the WAN interface by default on these devices. While there are firewall restrictions in place that define access restrictions for IPv4 traffic, these restrictions do not appear to be applied to the WAN interface for IPv6. This allows arbitrary access to any services running on the device that may be inadvertently listening via IPv6, such as the SSH and Telnet servers spawned on ports 22 and 23 by default. This misconfiguration could allow an attacker to interact with services only intended to be accessible by clients on the local network.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
NETGEAR 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
NETGEAR是美国网件(NETGEAR)公司的一款路由器。连接两个或多个网络的硬件设备,在网络间起网关的作用。 NETGEAR RAX30 AX2400 1.0.9.90之前版本存在安全漏洞,该漏洞源于网络配置错误。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | NETGEAR Nighthawk RAX30 | NETGEAR Nighthawk WiFi6 Router prior to V1.0.9.90 | - |
II. Public POCs for CVE-2022-4390
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2022-4390
请登录查看更多情报信息。
Same Patch Batch · n/a · 2022-12-09 · 12 CVEs total
| CVE-2022-25629 | Broadcom Symantec Messaging Gateway 跨站脚本漏洞 | |
| CVE-2022-25630 | Broadcom Symantec Messaging Gateway 跨站脚本漏洞 | |
| CVE-2022-3259 | Red Hat OpenShift 安全漏洞 | |
| CVE-2022-34297 | Yii 跨站脚本漏洞 | |
| CVE-2022-4170 | rxvt-unicode 安全漏洞 | |
| CVE-2022-4336 | BAOTA 跨站脚本漏洞 | |
| CVE-2022-44213 | ZKTeco ZKBio Time 跨站脚本漏洞 | |
| CVE-2022-44790 | BigCommerec Interspire Email Marketer SQL注入漏洞 | |
| CVE-2022-44838 | Automotive Shop Management System SQL注入漏洞 | |
| CVE-2022-45290 | Kbase Doc 路径遍历漏洞 | |
| CVE-2022-45292 | Funkwhale 安全漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2022-4390
No comments yet