CVE-2022-36158

CVSS 8.8 HIGH · EPSS 1.4% · CWE-425
In short

The Contec FXA3200 wireless device has a hidden web page that doesn't properly check who is accessing it, allowing attackers to run system commands with the highest level of access (root). This is dangerous because anyone who finds this page can take complete control of the device.

Technical detail

An unauthenticated attacker on an adjacent network (CVSS AV:A) can reach the /usr/www/ja/mnt_cmd.cgi endpoint in Contec FXA3200 v1.13.00 and earlier, which lacks proper authorization controls. The endpoint permits arbitrary Linux command execution with root privileges, resulting in complete device compromise and potential lateral movement within connected networks.

Summary generated and translated by AI from the official description.

Official description: Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).

CVSS vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
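As an added example (not part of this advisory and not the vendor's code), the following Python implements two defender-side checks drawn from the description above: a firmware version comparison against the stated threshold of v1.13.00 and under, and a scan of web-server access-log lines for requests to the hidden CGI page. The Common Log Format layout, the sample log lines, and the assumption that the page may also be served under a shorter URL path ending in /mnt_cmd.cgi are constructed for illustration.

```python
"""Defender-side checks for CVE-2022-36158 (added example, not from the advisory).

is_affected_version()        -- compare a Contec FXA3200 firmware version string
                                against the advisory's threshold (1.13.00 and under).
find_hidden_page_requests()  -- scan access-log lines for requests to the hidden
                                CGI page named in the advisory.
"""
import re

# "v1.13.00 and earlier" per the advisory, as a comparable tuple.
AFFECTED_MAX_VERSION = (1, 13, 0)

# Path named in the advisory. The web root may strip the /usr/www prefix, so
# the scanner also matches any path whose final component is mnt_cmd.cgi
# (assumption for illustration, not stated in the advisory).
HIDDEN_PAGE = "/usr/www/ja/mnt_cmd.cgi"
HIDDEN_PAGE_BASENAME = "/mnt_cmd.cgi"

# Common Log Format: ip ident user [timestamp] "METHOD path proto" status size
_CLF = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample log lines (not real traffic); 192.0.2.0/24 and
# 198.51.100.0/24 are documentation ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [10/Aug/2022:14:02:11 +0000] "GET /ja/index.cgi HTTP/1.1" 200 512',
    '192.0.2.77 - - [10/Aug/2022:14:02:19 +0000] "POST /usr/www/ja/mnt_cmd.cgi HTTP/1.1" 200 87',
    '198.51.100.4 - - [10/Aug/2022:14:03:02 +0000] "GET /ja/mnt_cmd.cgi?x=1 HTTP/1.1" 200 60',
    'garbage line that does not parse',
]


def parse_version(text: str) -> tuple:
    """Turn 'v1.13.00' or '1.13.00' into a tuple of ints for ordered comparison."""
    return tuple(int(part) for part in text.strip().lstrip("vV").split("."))


def is_affected_version(text: str) -> bool:
    """True when the firmware version is within the advisory's affected range."""
    return parse_version(text) <= AFFECTED_MAX_VERSION


def find_hidden_page_requests(lines):
    """Return one dict per log line that requested the hidden CGI page.

    Unparseable lines are skipped; the query string is ignored when matching.
    """
    hits = []
    for line in lines:
        m = _CLF.match(line)
        if not m:
            continue
        path = m.group("path").split("?", 1)[0]
        if path == HIDDEN_PAGE or path.endswith(HIDDEN_PAGE_BASENAME):
            hits.append({
                "ip": m.group("ip"),
                "ts": m.group("ts"),
                "method": m.group("method"),
                "path": path,
                "status": int(m.group("status")),
            })
    return hits


if __name__ == "__main__":
    for ver in ("1.13.00", "1.13.01", "v1.12.99"):
        print(f"firmware {ver}: {'AFFECTED' if is_affected_version(ver) else 'not affected'}")
    for hit in find_hidden_page_requests(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} {hit['method']} {hit['path']} -> {hit['status']}")
```

Any request to the hidden page from a host that is not an administrator's workstation is worth treating as an incident on an affected firmware version; the status code is kept in the result so that successful (200) requests can be prioritised over rejected ones.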
Affected products
n/a · n/a
