CVE-2022-36264 - OpenCVE

In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and append a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Airspan	Airspot 5410 Firmware Airspot 5410

Configuration 1 [-]

AND

cpe:2.3:o:airspan:airspot_5410_firmware:*:*:*:*:*:*:*:*

cpe:2.3:h:airspan:airspot_5410:-:*:*:*:*:*:*:*

References

Link	Resource
https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833	Exploit Mitigation Third Party Advisory
https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf	Product Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2022-08-08T14:38:01

Updated: 2022-08-08T14:38:01

Reserved: 2022-07-18T00:00:00

Link: CVE-2022-36264

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-08-08T15:15:08.900

Modified: 2022-08-12T14:57:07.983

Link: CVE-2022-36264

JSON object: View

Redhat Information

No data.

CWE

CWE-434

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "descriptions": [{"lang": "en", "value": "In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and append a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2022-08-08T14:38:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833"}, {"tags": ["x_refsource_MISC"], "url": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-36264", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and append a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833", "refsource": "MISC", "url": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833"}, {"name": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf", "refsource": "MISC", "url": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-36264", "datePublished": "2022-08-08T14:38:01", "dateReserved": "2022-07-18T00:00:00", "dateUpdated": "2022-08-08T14:38:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:airspan:airspot_5410_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "59C409B3-0CFA-48A0-BEF1-AB721401E8EE", "versionEndIncluding": "0.3.4.1-4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:airspan:airspot_5410:-:*:*:*:*:*:*:*", "matchCriteriaId": "3AF8C2B0-0EB8-41B8-B2AB-1EFB0AFE71FB", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In Airspan AirSpot 5410 version 0.3.4.1-4 and under there exists an Unauthenticated remote Arbitrary File Upload vulnerability which allows overwriting arbitrary files. A malicious actor can remotely upload a file of their choice and overwrite any file in the system by manipulating the filename and append a relative path that will be interpreted during the upload process. Using this method, it is possible to rewrite any file in the system or upload a new file."}, {"lang": "es", "value": "En Airspan AirSpot 5410 versiones 0.3.4.1-4 y anteriores, se presenta una vulnerabilidad de carga de archivos arbitraria remota no autenticada que permite sobrescribir archivos arbitrarios. Un actor malicioso puede subir remotamente un archivo de su elecci\u00f3n y sobrescribir cualquier archivo en el sistema al manipular el nombre del archivo y a\u00f1adiendo una ruta relativa que ser\u00e1 interpretada durante el proceso de subida. Usando este m\u00e9todo, es posible reescribir cualquier archivo en el sistema o subir un nuevo archivo"}], "id": "CVE-2022-36264", "lastModified": "2022-08-12T14:57:07.983", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-08T15:15:08.900", "references": [{"source": "cve@mitre.org", "tags": ["Exploit", "Mitigation", "Third Party Advisory"], "url": "https://gist.github.com/Nwqda/e82b3155401b094372195fdaa9b54833"}, {"source": "cve@mitre.org", "tags": ["Product", "Third Party Advisory"], "url": "https://wdi.rfwel.com/cdn/techdocs/AirSpot5410.pdf"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "nvd@nist.gov", "type": "Primary"}]}