Search criteria
22 vulnerabilities found for k2_firmware by phicomm
CVE-2023-40796 (GCVE-0-2023-40796)
Vulnerability from nvd – Published: 2023-08-25 00:00 – Updated: 2024-10-02 16:26
VLAI
Summary
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| phicomm | k2_firmware |
Affected:
22.6.529.216
cpe:2.3:o:phicomm:k2_firmware:22.6.529.216:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:46:11.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phicomm:k2_firmware:22.6.529.216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "k2_firmware",
"vendor": "phicomm",
"versions": [
{
"status": "affected",
"version": "22.6.529.216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40796",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T16:25:55.731686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:26:33.713Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T19:48:23.226Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-40796",
"datePublished": "2023-08-25T00:00:00.000Z",
"dateReserved": "2023-08-22T00:00:00.000Z",
"dateUpdated": "2024-10-02T16:26:33.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48073 (GCVE-0-2022-48073)
Vulnerability from nvd – Published: 2023-01-27 00:00 – Updated: 2025-03-28 15:54
VLAI
Summary
Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
},
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48073",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T15:53:28.932795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T15:54:05.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-05T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
},
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48073",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T15:54:05.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48072 (GCVE-0-2022-48072)
Vulnerability from nvd – Published: 2023-01-27 00:00 – Updated: 2025-03-28 15:57
VLAI
Summary
Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
Severity
7.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Command-injection-Vulnerability-36d54f03e35045bba8ec02bb85379614"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48072",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T15:55:59.600020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T15:57:15.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Command-injection-Vulnerability-36d54f03e35045bba8ec02bb85379614"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48072",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T15:57:15.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48071 (GCVE-0-2022-48071)
Vulnerability from nvd – Published: 2023-01-27 00:00 – Updated: 2025-03-28 15:58
VLAI
Summary
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48071",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T15:58:00.375137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T15:58:29.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48071",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T15:58:29.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48070 (GCVE-0-2022-48070)
Vulnerability from nvd – Published: 2023-01-27 00:00 – Updated: 2025-03-28 16:02
VLAI
Summary
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
Severity
7.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Command-injection-Vulnerability-cb3492d6c33b4382a253db9e92f7efb6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48070",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T16:01:37.609686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T16:02:13.428Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Command-injection-Vulnerability-cb3492d6c33b4382a253db9e92f7efb6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48070",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T16:02:13.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25219 (GCVE-0-2022-25219)
Vulnerability from nvd – Published: 2022-03-07 21:56 – Updated: 2024-08-03 04:36
VLAI
Summary
A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218).
Severity
No CVSS data available.
CWE
- Null Byte Interaction Error
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K3 >= 21.5.37.246, K3C >= 32.1.22.113, K2P >= 20.4.1.7, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:05.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.22.113, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Null Byte Interaction Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:56:51.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.22.113, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null Byte Interaction Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25219",
"datePublished": "2022-03-07T21:56:51.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:05.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25218 (GCVE-0-2022-25218)
Vulnerability from nvd – Published: 2022-03-07 21:50 – Updated: 2024-08-03 04:36
VLAI
Summary
The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219).
Severity
No CVSS data available.
CWE
- Use of RSA Algorithm without OAEP
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2 >= 22.5.9.163, K3 >= 21.5.37.246, K3C >= 32.1.15.93, K2P >= 20.4.1.7, K2 A7 >= 22.6.506.28
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2 \u003e= 22.5.9.163, K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.15.93, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the \"plaintext\" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL\u0027s RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of RSA Algorithm without OAEP",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:50:25.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2 \u003e= 22.5.9.163, K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.15.93, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the \"plaintext\" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL\u0027s RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of RSA Algorithm without OAEP"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25218",
"datePublished": "2022-03-07T21:50:25.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25217 (GCVE-0-2022-25217)
Vulnerability from nvd – Published: 2022-03-07 21:49 – Updated: 2024-08-03 04:36
VLAI
Summary
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availablility of firmware images for testing is that models and versions not listed here may share this vulnerability.
Severity
No CVSS data available.
CWE
- Use of a hard-coded cryptographic key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2 22.5.9.163, K3 21.5.37.246, K3C 32.1.15.93 -- 32.1.26.175, K3C 33.1.25.177, K2P 20.4.1.7, K2 A7 22.6.506.28
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2 22.5.9.163, K3 21.5.37.246, K3C 32.1.15.93 -- 32.1.26.175, K3C 33.1.25.177, K2P 20.4.1.7, K2 A7 22.6.506.28"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availablility of firmware images for testing is that models and versions not listed here may share this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of a hard-coded cryptographic key",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:49:05.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2 22.5.9.163, K3 21.5.37.246, K3C 32.1.15.93 -- 32.1.26.175, K3C 33.1.25.177, K2P 20.4.1.7, K2 A7 22.6.506.28"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availablility of firmware images for testing is that models and versions not listed here may share this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of a hard-coded cryptographic key"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25217",
"datePublished": "2022-03-07T21:49:05.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25215 (GCVE-0-2022-25215)
Vulnerability from nvd – Published: 2022-03-07 21:53 – Updated: 2024-08-03 04:36
VLAI
Summary
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself.
Severity
No CVSS data available.
CWE
- Improper access control leading to denial of service
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2G A1 >= 22.6.3.20, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control leading to denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:53:11.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control leading to denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25215",
"datePublished": "2022-03-07T21:53:11.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25214 (GCVE-0-2022-25214)
Vulnerability from nvd – Published: 2022-03-07 21:47 – Updated: 2024-08-03 04:36
VLAI
Summary
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN.
Severity
No CVSS data available.
CWE
- Improper access control leading to information leaks
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2G A1 >= 22.6.3.20, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:05.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control leading to information leaks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:47:00.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control leading to information leaks"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25214",
"datePublished": "2022-03-07T21:47:00.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:05.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25213 (GCVE-0-2022-25213)
Vulnerability from nvd – Published: 2022-03-07 21:55 – Updated: 2024-08-03 04:36
VLAI
Summary
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell.
Severity
No CVSS data available.
CWE
- Improper physical access control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K3C
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K3C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper physical access control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:55:25.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K3C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper physical access control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25213",
"datePublished": "2022-03-07T21:55:25.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-40796 (GCVE-0-2023-40796)
Vulnerability from cvelistv5 – Published: 2023-08-25 00:00 – Updated: 2024-10-02 16:26
VLAI
Summary
Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call.
Severity
No CVSS data available.
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| phicomm | k2_firmware |
Affected:
22.6.529.216
cpe:2.3:o:phicomm:k2_firmware:22.6.529.216:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:46:11.516Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:phicomm:k2_firmware:22.6.529.216:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "k2_firmware",
"vendor": "phicomm",
"versions": [
{
"status": "affected",
"version": "22.6.529.216"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-40796",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T16:25:55.731686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:26:33.713Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm k2 v22.6.529.216 was discovered to contain a command injection vulnerability via the function luci.sys.call."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-07T19:48:23.226Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2023-40796",
"datePublished": "2023-08-25T00:00:00.000Z",
"dateReserved": "2023-08-22T00:00:00.000Z",
"dateUpdated": "2024-10-02T16:26:33.713Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48073 (GCVE-0-2022-48073)
Vulnerability from cvelistv5 – Published: 2023-01-27 00:00 – Updated: 2025-03-28 15:54
VLAI
Summary
Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.706Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
},
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48073",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T15:53:28.932795Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T15:54:05.338Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-07-05T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
},
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Sensitive-Information-Disclosure-Vulnerability-8649a75a7ea7455583294e7447145cc6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48073",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T15:54:05.338Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48071 (GCVE-0-2022-48071)
Vulnerability from cvelistv5 – Published: 2023-01-27 00:00 – Updated: 2025-03-28 15:58
VLAI
Summary
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-312 - Cleartext Storage of Sensitive Information
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.671Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48071",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T15:58:00.375137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-312",
"description": "CWE-312 Cleartext Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T15:58:29.708Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Sensitive-Information-Disclosure-Vulnerability-530d2415593a400099451d9f0dd7371a"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48071",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T15:58:29.708Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48072 (GCVE-0-2022-48072)
Vulnerability from cvelistv5 – Published: 2023-01-27 00:00 – Updated: 2025-03-28 15:57
VLAI
Summary
Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
Severity
7.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.655Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Command-injection-Vulnerability-36d54f03e35045bba8ec02bb85379614"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48072",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T15:55:59.600020Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T15:57:15.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2G-v22-6-3-20-Command-injection-Vulnerability-36d54f03e35045bba8ec02bb85379614"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48072",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T15:57:15.156Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-48070 (GCVE-0-2022-48070)
Vulnerability from cvelistv5 – Published: 2023-01-27 00:00 – Updated: 2025-03-28 16:02
VLAI
Summary
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.
Severity
7.8 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- n/a
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
1 reference
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T15:02:36.690Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Command-injection-Vulnerability-cb3492d6c33b4382a253db9e92f7efb6"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-48070",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-28T16:01:37.609686Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-28T16:02:13.428Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-27T00:00:00.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://befitting-vinca-933.notion.site/Phicomm-K2-v22-6-534-263-Command-injection-Vulnerability-cb3492d6c33b4382a253db9e92f7efb6"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-48070",
"datePublished": "2023-01-27T00:00:00.000Z",
"dateReserved": "2022-12-29T00:00:00.000Z",
"dateUpdated": "2025-03-28T16:02:13.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25219 (GCVE-0-2022-25219)
Vulnerability from cvelistv5 – Published: 2022-03-07 21:56 – Updated: 2024-08-03 04:36
VLAI
Summary
A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218).
Severity
No CVSS data available.
CWE
- Null Byte Interaction Error
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K3 >= 21.5.37.246, K3C >= 32.1.22.113, K2P >= 20.4.1.7, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:05.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.22.113, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Null Byte Interaction Error",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:56:51.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25219",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.22.113, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A null byte interaction error has been discovered in the code that the telnetd_startup daemon uses to construct a pair of ephemeral passwords that allow a user to spawn a telnet service on the router, and to ensure that the telnet service persists upon reboot. By means of a crafted exchange of UDP packets, an unauthenticated attacker on the local network can leverage this null byte interaction error in such a way as to make those ephemeral passwords predictable (with 1-in-94 odds). Since the attacker must manipulate data processed by the OpenSSL function RSA_public_decrypt(), successful exploitation of this vulnerability depends on the use of an unpadded RSA cipher (CVE-2022-25218)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Null Byte Interaction Error"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25219",
"datePublished": "2022-03-07T21:56:51.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:05.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25213 (GCVE-0-2022-25213)
Vulnerability from cvelistv5 – Published: 2022-03-07 21:55 – Updated: 2024-08-03 04:36
VLAI
Summary
Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell.
Severity
No CVSS data available.
CWE
- Improper physical access control
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K3C
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.435Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K3C"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper physical access control",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:55:25.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25213",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K3C"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper physical access control and use of hard-coded credentials in /etc/passwd permits an attacker with physical access to obtain a root shell via an unprotected UART port on the device. The same port exposes an unauthenticated Das U-Boot BIOS shell."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper physical access control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25213",
"datePublished": "2022-03-07T21:55:25.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25215 (GCVE-0-2022-25215)
Vulnerability from cvelistv5 – Published: 2022-03-07 21:53 – Updated: 2024-08-03 04:36
VLAI
Summary
Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself.
Severity
No CVSS data available.
CWE
- Improper access control leading to denial of service
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2G A1 >= 22.6.3.20, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.378Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control leading to denial of service",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:53:11.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25215",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control on the LocalMACConfig.asp interface allows an unauthenticated remote attacker to add (or remove) client MAC addresses to (or from) a list of banned hosts. Clients with those MAC addresses are then prevented from accessing either the WAN or the router itself."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control leading to denial of service"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25215",
"datePublished": "2022-03-07T21:53:11.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.378Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25218 (GCVE-0-2022-25218)
Vulnerability from cvelistv5 – Published: 2022-03-07 21:50 – Updated: 2024-08-03 04:36
VLAI
Summary
The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the "plaintext" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL's RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219).
Severity
No CVSS data available.
CWE
- Use of RSA Algorithm without OAEP
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2 >= 22.5.9.163, K3 >= 21.5.37.246, K3C >= 32.1.15.93, K2P >= 20.4.1.7, K2 A7 >= 22.6.506.28
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.287Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2 \u003e= 22.5.9.163, K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.15.93, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the \"plaintext\" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL\u0027s RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of RSA Algorithm without OAEP",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:50:25.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25218",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2 \u003e= 22.5.9.163, K3 \u003e= 21.5.37.246, K3C \u003e= 32.1.15.93, K2P \u003e= 20.4.1.7, K2 A7 \u003e= 22.6.506.28"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The use of the RSA algorithm without OAEP, or any other padding scheme, in telnetd_startup, allows an unauthenticated attacker on the local area network to achieve a significant degree of control over the \"plaintext\" to which an arbitrary blob of ciphertext will be decrypted by OpenSSL\u0027s RSA_public_decrypt() function. This weakness allows the attacker to manipulate the various iterations of the telnetd startup state machine and eventually obtain a root shell on the device, by means of an exchange of crafted UDP packets. In all versions but K2 22.5.9.163 and K3C 32.1.15.93 a successful attack also requires the exploitation of a null-byte interaction error (CVE-2022-25219)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of RSA Algorithm without OAEP"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25218",
"datePublished": "2022-03-07T21:50:25.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.287Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25217 (GCVE-0-2022-25217)
Vulnerability from cvelistv5 – Published: 2022-03-07 21:49 – Updated: 2024-08-03 04:36
VLAI
Summary
Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availablility of firmware images for testing is that models and versions not listed here may share this vulnerability.
Severity
No CVSS data available.
CWE
- Use of a hard-coded cryptographic key
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2 22.5.9.163, K3 21.5.37.246, K3C 32.1.15.93 -- 32.1.26.175, K3C 33.1.25.177, K2P 20.4.1.7, K2 A7 22.6.506.28
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:06.305Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2 22.5.9.163, K3 21.5.37.246, K3C 32.1.15.93 -- 32.1.26.175, K3C 33.1.25.177, K2P 20.4.1.7, K2 A7 22.6.506.28"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availablility of firmware images for testing is that models and versions not listed here may share this vulnerability."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Use of a hard-coded cryptographic key",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:49:05.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25217",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2 22.5.9.163, K3 21.5.37.246, K3C 32.1.15.93 -- 32.1.26.175, K3C 33.1.25.177, K2P 20.4.1.7, K2 A7 22.6.506.28"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Use of a hard-coded cryptographic key pair by the telnetd_startup service allows an attacker on the local area network to obtain a root shell on the device over telnet. The builds of telnetd_startup included in the version 22.5.9.163 of the K2 firmware, and version 32.1.15.93 of the K3C firmware (possibly amongst many other releases) included both the private and public RSA keys. The remaining versions cited here redacted the private key, but left the public key unchanged. An attacker in possession of the leaked private key may, through a scripted exchange of UDP packets, instruct telnetd_startup to spawn an unauthenticated telnet shell as root, by means of which they can then obtain complete control of the device. A consequence of the limited availablility of firmware images for testing is that models and versions not listed here may share this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Use of a hard-coded cryptographic key"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25217",
"datePublished": "2022-03-07T21:49:05.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:06.305Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-25214 (GCVE-0-2022-25214)
Vulnerability from cvelistv5 – Published: 2022-03-07 21:47 – Updated: 2024-08-03 04:36
VLAI
Summary
Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN.
Severity
No CVSS data available.
CWE
- Improper access control leading to information leaks
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.tenable.com/security/research/tra-2022-01 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| n/a | Phicomm Routers |
Affected:
K2G A1 >= 22.6.3.20, K2 A7 >= 22.6.506.28, K2G A1 >= 22.6.3.20
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T04:36:05.813Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Phicomm Routers",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Improper access control leading to information leaks",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T21:47:00.000Z",
"orgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"shortName": "tenable"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vulnreport@tenable.com",
"ID": "CVE-2022-25214",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Phicomm Routers",
"version": {
"version_data": [
{
"version_value": "K2G A1 \u003e= 22.6.3.20, K2 A7 \u003e= 22.6.506.28, K2G A1 \u003e= 22.6.3.20"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control on the LocalClientList.asp interface allows an unauthenticated remote attacker to obtain sensitive information concerning devices on the local area network, including IP and MAC addresses. Improper access control on the wirelesssetup.asp interface allows an unauthenticated remote attacker to obtain the WPA passphrases for the 2.4GHz and 5.0GHz wireless networks. This is particularly dangerous given that the K2G setup wizard presents the user with the option of using the same password for the 2.4Ghz network and the administrative interface, by clicking a checkbox. When Remote Managment is enabled, these endpoints are exposed to the WAN."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper access control leading to information leaks"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.tenable.com/security/research/tra-2022-01",
"refsource": "MISC",
"url": "https://www.tenable.com/security/research/tra-2022-01"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "5ac1ecc2-367a-4d16-a0b2-35d495ddd0be",
"assignerShortName": "tenable",
"cveId": "CVE-2022-25214",
"datePublished": "2022-03-07T21:47:00.000Z",
"dateReserved": "2022-02-15T00:00:00.000Z",
"dateUpdated": "2024-08-03T04:36:05.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}