CVE-2022-36158 - OpenCVE

Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi).

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Contec	Fxa3020 Fxa2000 Fxa3200 Firmware Fxa3020 Firmware Fxa3200 Fxa2000 Firmware Fxa3000 Firmware Fxa3000

Configuration 1 [-]

AND

cpe:2.3:o:contec:fxa3000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:fxa3000:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND

cpe:2.3:o:contec:fxa3020_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:fxa3020:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND

cpe:2.3:o:contec:fxa3200_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:fxa3200:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND

cpe:2.3:o:contec:fxa2000_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:contec:fxa2000:-:*:*:*:*:*:*:*

References

Link	Resource
https://gist.github.com/Nwqda/aac33d1936d2b514a3268f145345abb4	Broken Link Third Party Advisory
https://jvn.jp/en/vu/JVNVU98305100/	Patch Third Party Advisory
https://samy.link/blog/contec-flexlan-fxa2000-and-fxa3000-series-vulnerability-repo	Exploit Mitigation Third Party Advisory
https://www.contec.com/products-services/computer-networking/flexlan-fx/fx-accesspoint/fxa3200/feature/#section	Product

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-09-26T10:07:23

Updated: 2022-09-26T10:07:23

Reserved: 2022-07-18T00:00:00

Link: CVE-2022-36158

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-09-26T11:15:09.483

Modified: 2023-08-08T14:22:24.967

Link: CVE-2022-36158

JSON object: View

Redhat Information

No data.

CWE

CWE-425

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi)."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-09-26T10:07:23", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.contec.com/products-services/computer-networking/flexlan-fx/fx-accesspoint/fxa3200/feature/#section"}, {"tags": ["x_refsource_MISC"], "url": "https://gist.github.com/Nwqda/aac33d1936d2b514a3268f145345abb4"}, {"tags": ["x_refsource_MISC"], "url": "https://samy.link/blog/contec-flexlan-fxa2000-and-fxa3000-series-vulnerability-repo"}, {"tags": ["x_refsource_MISC"], "url": "https://jvn.jp/en/vu/JVNVU98305100/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-36158", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.contec.com/products-services/computer-networking/flexlan-fx/fx-accesspoint/fxa3200/feature/#section", "refsource": "MISC", "url": "https://www.contec.com/products-services/computer-networking/flexlan-fx/fx-accesspoint/fxa3200/feature/#section"}, {"name": "https://gist.github.com/Nwqda/aac33d1936d2b514a3268f145345abb4", "refsource": "MISC", "url": "https://gist.github.com/Nwqda/aac33d1936d2b514a3268f145345abb4"}, {"name": "https://samy.link/blog/contec-flexlan-fxa2000-and-fxa3000-series-vulnerability-repo", "refsource": "MISC", "url": "https://samy.link/blog/contec-flexlan-fxa2000-and-fxa3000-series-vulnerability-repo"}, {"name": "https://jvn.jp/en/vu/JVNVU98305100/", "refsource": "MISC", "url": "https://jvn.jp/en/vu/JVNVU98305100/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-36158", "datePublished": "2022-09-26T10:07:23", "dateReserved": "2022-07-18T00:00:00", "dateUpdated": "2022-09-26T10:07:23", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:fxa3000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "6E67687B-F390-444A-8E80-250763681261", "versionEndIncluding": "1.13.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:fxa3000:-:*:*:*:*:*:*:*", "matchCriteriaId": "9AB86C4B-366E-4560-94A9-9821C2CCC5C2", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:fxa3020_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BBBCFC0-97C2-4777-B49D-D010E8094774", "versionEndIncluding": "1.13.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:fxa3020:-:*:*:*:*:*:*:*", "matchCriteriaId": "8ECA2469-3831-4AF5-B3C8-A5958AF2900C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:fxa3200_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "E38C56EE-4B13-4ADC-BCD4-D7FD4F077ED5", "versionEndIncluding": "1.13.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:fxa3200:-:*:*:*:*:*:*:*", "matchCriteriaId": "20886C6B-D3B4-438D-BBAF-F80AEE3B8762", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:contec:fxa2000_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "DA3E66D5-3D23-49C9-8920-7D96ACEFA96F", "versionEndExcluding": "1.39.00", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:contec:fxa2000:-:*:*:*:*:*:*:*", "matchCriteriaId": "B4A09AF9-472E-4FC0-A490-EF21EB37D47C", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "Contec FXA3200 version 1.13.00 and under suffers from Insecure Permissions in the Wireless LAN Manager interface which allows malicious actors to execute Linux commands with root privilege via a hidden web page (/usr/www/ja/mnt_cmd.cgi)."}, {"lang": "es", "value": "Contec FXA3200 versiones 1.13.00 y anteriores, sufre de permisos no seguros en la interfaz del Wireless LAN Manager, lo que permite a actores maliciosos ejecutar comandos de Linux con privilegios de root por medio de una p\u00e1gina web oculta (/usr/www/ja/mnt_cmd.cgi).\n"}], "id": "CVE-2022-36158", "lastModified": "2023-08-08T14:22:24.967", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.1, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-09-26T11:15:09.483", "references": [{"source": "cve@mitre.org", "tags": ["Broken Link", "Third Party Advisory"], "url": "https://gist.github.com/Nwqda/aac33d1936d2b514a3268f145345abb4"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://jvn.jp/en/vu/JVNVU98305100/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://samy.link/blog/contec-flexlan-fxa2000-and-fxa3000-series-vulnerability-repo"}, {"source": "cve@mitre.org", "tags": ["Product"], "url": "https://www.contec.com/products-services/computer-networking/flexlan-fx/fx-accesspoint/fxa3200/feature/#section"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-425"}], "source": "nvd@nist.gov", "type": "Primary"}]}