CVE-2022-31793

Name of the Vulnerable Software and Affected Versions muhttpd versions prior to 1.1.7

Description The issue allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and NVG510 devices and Arris-derived BGW210 and BGW320 devices are affected. An attacker can obtain access to files containing passwords, wireless access settings, provider connection parameters, and private keys.

Recommendations For muhttpd versions prior to 1.1.7, update to version 1.1.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the do request function in request.c until a patch is available. Avoid using specially crafted HTTP requests that could exploit this issue until the update is applied.